Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): update dependency jest to v29.2.0 #121

Merged
merged 1 commit into from
Oct 25, 2022
Merged

chore(deps): update dependency jest to v29.2.0 #121

merged 1 commit into from
Oct 25, 2022

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Oct 22, 2022

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
jest (source) 29.1.2 -> 29.2.0 age adoption passing confidence

Review

  • Updates have been tested and work
  • If updates are AWS related, versions match the infrastructure (e.g. Lambda runtime, database, etc.)

Release Notes

facebook/jest

v29.2.0

Compare Source

Features
  • [@jest/cli, jest-config] A seed for the test run will be randomly generated, or set by a CLI option (#​13400)
  • [@jest/cli, jest-config] --show-seed will display the seed value in the report, and can be set via a CLI flag or through the config file (#​13400)
  • [jest-config] Add readInitialConfig utility function (#​13356)
  • [jest-core] Allow testResultsProcessor to be async (#​13343)
  • [@jest/environment, jest-environment-node, jest-environment-jsdom, jest-runtime] Add getSeed() to the jest object (#​13400)
  • [expect, @​jest/expect-utils] Allow isA utility to take a type argument (#​13355)
  • [expect] Expose AsyncExpectationResult and SyncExpectationResult types (#​13411)
Fixes
  • [babel-plugin-jest-hoist] Ignore TSTypeQuery when checking for hoisted references (#​13367)
  • [jest-core] Fix detectOpenHandles false positives for some special objects such as TLSWRAP (#​13414)
  • [jest-mock] Fix mocking of getters and setters on classes (#​13398)
  • [jest-reporters] Revert: Transform file paths into hyperlinks (#​13399)
  • [@jest/types] Infer type of each table correctly when the table is a tuple or array (#​13381)
  • [@jest/types] Rework typings to allow the *ReturnedWith matchers to be called with no argument (#​13385)
Chore & Maintenance
  • [*] Update @babel/* deps, resulting in slightly different stack traces for each (#​13422)
Performance
  • [jest-runner] Do not instrument v8 coverage data if coverage should not be collected (#​13282)

Configuration

📅 Schedule: Branch creation - "every weekend" in timezone America/Montreal, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, click this checkbox.

This PR has been generated by Mend Renovate. View repository job log here.

@github-actions
Copy link

Test skip-plan

✅   Terraform Format: success

@github-actions
Copy link

Test invalid

❌   Terraform Format: failed
❌   Terraform Plan: failed
❌   Conftest: failed

🧹   Format: run terraform fmt to fix the following:

invalid.tf
Show plan 
Error: Missing required argument

  on invalid.tf line 11, in resource "random_id" "id":
  11: resource "random_id" "id" {

The argument "byte_length" is required, but no definition was found.

Error: Unsupported argument

  on invalid.tf line 12, in resource "random_id" "id":
  12:     muffin = "blueberry"

An argument named "muffin" is not expected here.

@github-actions
Copy link

Test format-error

❌   Terraform Format: failed
✅   Terraform Plan: success
✅   Conftest: success

🧹   Format: run terraform fmt to fix the following:

format-error.tf
Plan: 1 to add, 0 to change, 0 to destroy
Show plan 
Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # random_id.id will be created
  + resource "random_id" "id" {
      + b64_std     = (known after apply)
      + b64_url     = (known after apply)
      + byte_length = 8
      + dec         = (known after apply)
      + hex         = (known after apply)
      + id          = (known after apply)
    }

Plan: 1 to add, 0 to change, 0 to destroy.

─────────────────────────────────────────────────────────────────────────────

Saved the plan to: plan.tfplan

To perform exactly these actions, run the following command to apply:
    terraform apply "plan.tfplan"
Show Conftest results 
18 tests, 18 passed, 0 warnings, 0 failures, 0 exceptions

@github-actions
Copy link

Test truncate-plan

✅   Terraform Format: success
✅   Terraform Plan: success
✅   Conftest: success

Plan: 49 to add, 0 to change, 0 to destroy

✂   Warning: plan has been truncated! See the full plan in the logs.

Show plan 
Resource actions are indicated with the following symbols:
  + create
 <= read (data resources)

Terraform will perform the following actions:

  # module.rds.data.aws_iam_policy_document.read_connection_string will be read during apply
  # (config refers to values not yet known)
 <= data "aws_iam_policy_document" "read_connection_string"  {
      + id   = (known after apply)
      + json = (known after apply)

      + statement {
          + actions   = [
              + "secretsmanager:DescribeSecret",
              + "secretsmanager:GetResourcePolicy",
              + "secretsmanager:GetSecretValue",
              + "secretsmanager:ListSecretVersionIds",
            ]
          + effect    = "Allow"
          + resources = [
              + (known after apply),
            ]
          + sid       = "0"
        }
      + statement {
          + actions   = [
              + "secretsmanager:ListSecrets",
            ]
          + effect    = "Allow"
          + resources = [
              + "*",
            ]
          + sid       = "1"
        }
      + statement {
          + actions   = [
              + "kms:Decrypt",
            ]
          + effect    = "Allow"
          + resources = [
              + "*",
            ]
          + sid       = "2"

          + condition {
              + test     = "StringEquals"
              + values   = [
                  + "secretsmanager.ca-central-1.amazonaws.com",
                ]
              + variable = "kms:ViaService"
            }
        }
    }

  # module.rds.aws_cloudwatch_log_group.proxy will be created
  + resource "aws_cloudwatch_log_group" "proxy" {
      + arn               = (known after apply)
      + id                = (known after apply)
      + name              = "/aws/rds/proxy/test-rds-proxy"
      + retention_in_days = 14
      + tags              = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds_proxy_logs"
          + "Terraform"  = "true"
        }
      + tags_all          = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds_proxy_logs"
          + "Terraform"  = "true"
        }
    }

  # module.rds.aws_db_proxy.proxy will be created
  + resource "aws_db_proxy" "proxy" {
      + arn                    = (known after apply)
      + debug_logging          = false
      + endpoint               = (known after apply)
      + engine_family          = "POSTGRESQL"
      + id                     = (known after apply)
      + idle_client_timeout    = 1800
      + name                   = "test-rds-proxy"
      + require_tls            = true
      + role_arn               = (known after apply)
      + tags                   = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-rds-proxy"
          + "Terraform"  = "true"
        }
      + tags_all               = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-rds-proxy"
          + "Terraform"  = "true"
        }
      + vpc_security_group_ids = (known after apply)
      + vpc_subnet_ids         = (known after apply)

      + auth {
          + auth_scheme = "SECRETS"
          + description = "The database connection string"
          + iam_auth    = "DISABLED"
          + secret_arn  = (known after apply)
        }
    }

  # module.rds.aws_db_proxy_default_target_group.this will be created
  + resource "aws_db_proxy_default_target_group" "this" {
      + arn           = (known after apply)
      + db_proxy_name = "test-rds-proxy"
      + id            = (known after apply)
      + name          = (known after apply)

      + connection_pool_config {
          + connection_borrow_timeout    = (known after apply)
          + init_query                   = (known after apply)
          + max_connections_percent      = (known after apply)
          + max_idle_connections_percent = (known after apply)
          + session_pinning_filters      = (known after apply)
        }
    }

  # module.rds.aws_db_proxy_target.target will be created
  + resource "aws_db_proxy_target" "target" {
      + db_cluster_identifier = (known after apply)
      + db_proxy_name         = "test-rds-proxy"
      + endpoint              = (known after apply)
      + id                    = (known after apply)
      + port                  = (known after apply)
      + rds_resource_id       = (known after apply)
      + target_arn            = (known after apply)
      + target_group_name     = (known after apply)
      + tracked_cluster_id    = (known after apply)
      + type                  = (known after apply)
    }

  # module.rds.aws_db_subnet_group.rds will be created
  + resource "aws_db_subnet_group" "rds" {
      + arn                     = (known after apply)
      + description             = "Managed by Terraform"
      + id                      = (known after apply)
      + name                    = "test-rds-subnet-group"
      + name_prefix             = (known after apply)
      + subnet_ids              = (known after apply)
      + supported_network_types = (known after apply)
      + tags                    = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-subnet-group"
          + "Terraform"  = "true"
        }
      + tags_all                = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-subnet-group"
          + "Terraform"  = "true"
        }
    }

  # module.rds.aws_iam_policy.read_connection_string will be created
  + resource "aws_iam_policy" "read_connection_string" {
      + arn       = (known after apply)
      + id        = (known after apply)
      + name      = "test-rdsReadConnectionString"
      + path      = "/"
      + policy    = (known after apply)
      + policy_id = (known after apply)
      + tags      = {
          + "CostCentre" = "cal"
          + "Terraform"  = "true"
        }
      + tags_all  = {
          + "CostCentre" = "cal"
          + "Terraform"  = "true"
        }
    }

  # module.rds.aws_iam_role.rds_proxy will be created
  + resource "aws_iam_role" "rds_proxy" {
      + arn                   = (known after apply)
      + assume_role_policy    = jsonencode(
            {
              + Statement = [
                  + {
                      + Action    = "sts:AssumeRole"
                      + Effect    = "Allow"
                      + Principal = {
                          + Service = "rds.amazonaws.com"
                        }
                      + Sid       = "RDSAssume"
                    },
                ]
              + Version   = "2012-10-17"
            }
        )
      + create_date           = (known after apply)
      + force_detach_policies = false
      + id                    = (known after apply)
      + managed_policy_arns   = (known after apply)
      + max_session_duration  = 3600
      + name                  = "test-rds_rds_proxy"
      + name_prefix           = (known after apply)
      + path                  = "/"
      + tags                  = {
          + "CostCentre" = "cal"
          + "Terraform"  = "true"
        }
      + tags_all              = {
          + "CostCentre" = "cal"
          + "Terraform"  = "true"
        }
      + unique_id             = (known after apply)

      + inline_policy {
          + name   = (known after apply)
          + policy = (known after apply)
        }
    }

  # module.rds.aws_iam_role_policy_attachment.read_connection_string will be created
  + resource "aws_iam_role_policy_attachment" "read_connection_string" {
      + id         = (known after apply)
      + policy_arn = (known after apply)
      + role       = "test-rds_rds_proxy"
    }

  # module.rds.aws_rds_cluster.cluster will be created
  + resource "aws_rds_cluster" "cluster" {
      + allocated_storage               = (known after apply)
      + allow_major_version_upgrade     = false
      + apply_immediately               = false
      + arn                             = (known after apply)
      + availability_zones              = (known after apply)
      + backup_retention_period         = 7
      + cluster_identifier              = "test-rds-cluster"
      + cluster_identifier_prefix       = (known after apply)
      + cluster_members                 = (known after apply)
      + cluster_resource_id             = (known after apply)
      + copy_tags_to_snapshot           = false
      + database_name                   = "foo"
      + db_cluster_parameter_group_name = (known after apply)
      + db_subnet_group_name            = "test-rds-subnet-group"
      + deletion_protection             = true
      + enable_global_write_forwarding  = false
      + enable_http_endpoint            = false
      + endpoint                        = (known after apply)
      + engine                          = "aurora-postgresql"
      + engine_mode                     = "provisioned"
      + engine_version                  = "14.5"
      + engine_version_actual           = (known after apply)
      + final_snapshot_identifier       = (known after apply)
      + hosted_zone_id                  = (known after apply)
      + iam_roles                       = (known after apply)
      + id                              = (known after apply)
      + kms_key_id                      = (known after apply)
      + master_password                 = (sensitive value)
      + master_username                 = "probably"
      + network_type                    = (known after apply)
      + port                            = (known after apply)
      + preferred_backup_window         = "07:00-09:00"
      + preferred_maintenance_window    = (known after apply)
      + reader_endpoint                 = (known after apply)
      + skip_final_snapshot             = false
      + storage_encrypted               = true
      + tags                            = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-cluster"
          + "Terraform"  = "true"
        }
      + tags_all                        = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-cluster"
          + "Terraform"  = "true"
        }
      + vpc_security_group_ids          = (known after apply)
    }

  # module.rds.aws_rds_cluster_instance.instances[0] will be created
  + resource "aws_rds_cluster_instance" "instances" {
      + apply_immediately                     = (known after apply)
      + arn                                   = (known after apply)
      + auto_minor_version_upgrade            = true
      + availability_zone                     = (known after apply)
      + ca_cert_identifier                    = (known after apply)
      + cluster_identifier                    = (known after apply)
      + copy_tags_to_snapshot                 = false
      + db_parameter_group_name               = (known after apply)
      + db_subnet_group_name                  = "test-rds-subnet-group"
      + dbi_resource_id                       = (known after apply)
      + endpoint                              = (known after apply)
      + engine                                = "aurora-postgresql"
      + engine_version                        = "14.5"
      + engine_version_actual                 = (known after apply)
      + id                                    = (known after apply)
      + identifier                            = "test-rds-instance-0"
      + identifier_prefix                     = (known after apply)
      + instance_class                        = "db.t3.medium"
      + kms_key_id                            = (known after apply)
      + monitoring_interval                   = 0
      + monitoring_role_arn                   = (known after apply)
      + network_type                          = (known after apply)
      + performance_insights_enabled          = true
      + performance_insights_kms_key_id       = (known after apply)
      + performance_insights_retention_period = (known after apply)
      + port                                  = (known after apply)
      + preferred_backup_window               = (known after apply)
      + preferred_maintenance_window          = (known after apply)
      + promotion_tier                        = 0
      + publicly_accessible                   = false
      + storage_encrypted                     = (known after apply)
      + tags                                  = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-instance-0"
          + "Terraform"  = "true"
        }
      + tags_all                              = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-instance-0"
          + "Terraform"  = "true"
        }
      + writer                                = (known after apply)
    }

  # module.rds.aws_rds_cluster_instance.instances[1] will be created
  + resource "aws_rds_cluster_instance" "instances" {
      + apply_immediately                     = (known after apply)
      + arn                                   = (known after apply)
      + auto_minor_version_upgrade            = true
      + availability_zone                     = (known after apply)
      + ca_cert_identifier                    = (known after apply)
      + cluster_identifier                    = (known after apply)
      + copy_tags_to_snapshot                 = false
      + db_parameter_group_name               = (known after apply)
      + db_subnet_group_name                  = "test-rds-subnet-group"
      + dbi_resource_id                       = (known after apply)
      + endpoint                              = (known after apply)
      + engine                                = "aurora-postgresql"
      + engine_version                        = "14.5"
      + engine_version_actual                 = (known after apply)
      + id                                    = (known after apply)
      + identifier                            = "test-rds-instance-1"
      + identifier_prefix                     = (known after apply)
      + instance_class                        = "db.t3.medium"
      + kms_key_id                            = (known after apply)
      + monitoring_interval                   = 0
      + monitoring_role_arn                   = (known after apply)
      + network_type                          = (known after apply)
      + performance_insights_enabled          = true
      + performance_insights_kms_key_id       = (known after apply)
      + performance_insights_retention_period = (known after apply)
      + port                                  = (known after apply)
      + preferred_backup_window               = (known after apply)
      + preferred_maintenance_window          = (known after apply)
      + promotion_tier                        = 0
      + publicly_accessible                   = false
      + storage_encrypted                     = (known after apply)
      + tags                                  = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-instance-1"
          + "Terraform"  = "true"
        }
      + tags_all                              = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-instance-1"
          + "Terraform"  = "true"
        }
      + writer                                = (known after apply)
    }

  # module.rds.aws_rds_cluster_instance.instances[2] will be created
  + resource "aws_rds_cluster_instance" "instances" {
      + apply_immediately                     = (known after apply)
      + arn                                   = (known after apply)
      + auto_minor_version_upgrade            = true
      + availability_zone                     = (known after apply)
      + ca_cert_identifier                    = (known after apply)
      + cluster_identifier                    = (known after apply)
      + copy_tags_to_snapshot                 = false
      + db_parameter_group_name               = (known after apply)
      + db_subnet_group_name                  = "test-rds-subnet-group"
      + dbi_resource_id                       = (known after apply)
      + endpoint                              = (known after apply)
      + engine                                = "aurora-postgresql"
      + engine_version                        = "14.5"
      + engine_version_actual                 = (known after apply)
      + id                                    = (known after apply)
      + identifier                            = "test-rds-instance-2"
      + identifier_prefix                     = (known after apply)
      + instance_class                        = "db.t3.medium"
      + kms_key_id                            = (known after apply)
      + monitoring_interval                   = 0
      + monitoring_role_arn                   = (known after apply)
      + network_type                          = (known after apply)
      + performance_insights_enabled          = true
      + performance_insights_kms_key_id       = (known after apply)
      + performance_insights_retention_period = (known after apply)
      + port                                  = (known after apply)
      + preferred_backup_window               = (known after apply)
      + preferred_maintenance_window          = (known after apply)
      + promotion_tier                        = 0
      + publicly_accessible                   = false
      + storage_encrypted                     = (known after apply)
      + tags                                  = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-instance-2"
          + "Terraform"  = "true"
        }
      + tags_all                              = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-instance-2"
          + "Terraform"  = "true"
        }
      + writer                                = (known after apply)
    }

  # module.rds.aws_secretsmanager_secret.connection_string will be created
  + resource "aws_secretsmanager_secret" "connection_string" {
      + arn                            = (known after apply)
      + force_overwrite_replica_secret = false
      + id                             = (known after apply)
      + name                           = (known after apply)
      + name_prefix                    = (known after apply)
      + policy                         = (known after apply)
      + recovery_window_in_days        = 30
      + rotation_enabled               = (known after apply)
      + rotation_lambda_arn            = (known after apply)
      + tags                           = {
          + "CostCentre" = "cal"
          + "Terraform"  = "true"
        }
      + tags_all                       = {
          + "CostCentre" = "cal"
          + "Terraform"  = "true"
        }

      + replica {
          + kms_key_id         = (known after apply)
          + last_accessed_date = (known after apply)
          + region             = (known after apply)
          + status             = (known after apply)
          + status_message     = (known after apply)
        }

      + rotation_rules {
          + automatically_after_days = (known after apply)
        }
    }

  # module.rds.aws_secretsmanager_secret.proxy_connection_string will be created
  + resource "aws_secretsmanager_secret" "proxy_connection_string" {
      + arn                            = (known after apply)
      + force_overwrite_replica_secret = false
      + id                             = (known after apply)
      + name                           = (known after apply)
      + name_prefix                    = (known after apply)
      + policy                         = (known after apply)
      + recovery_window_in_days        = 30
      + rotation_enabled               = (known after apply)
      + rotation_lambda_arn            = (known after apply)
      + tags                           = {
          + "CostCentre" = "cal"
          + "Terraform"  = "true"
        }
      + tags_all                       = {
          + "CostCentre" = "cal"
          + "Terraform"  = "true"
        }

      + replica {
          + kms_key_id         = (known after apply)
          + last_accessed_date = (known after apply)
          + region             = (known after apply)
          + status             = (known after apply)
          + status_message     = (known after apply)
        }

      + rotation_rules {
          + automatically_after_days = (known after apply)
        }
    }

  # module.rds.aws_secretsmanager_secret_version.connection_string will be created
  + resource "aws_secretsmanager_secret_version" "connection_string" {
      + arn            = (known after apply)
      + id             = (known after apply)
      + secret_id      = (known after apply)
      + secret_string  = (sensitive value)
      + version_id     = (known after apply)
      + version_stages = (known after apply)
    }

  # module.rds.aws_secretsmanager_secret_version.proxy_connection_string will be created
  + resource "aws_secretsmanager_secret_version" "proxy_connection_string" {
      + arn            = (known after apply)
      + id             = (known after apply)
      + secret_id      = (known after apply)
      + secret_string  = (sensitive value)
      + version_id     = (known after apply)
      + version_stages = (known after apply)
    }

  # module.rds.aws_security_group.rds_proxy will be created
  + resource "aws_security_group" "rds_proxy" {
      + arn                    = (known after apply)
      + description            = "The Security group that allows communication between the proxy and the database"
      + egress                 = [
          + {
              + cidr_blocks      = []
              + description      = ""
              + from_port        = 5432
              + ipv6_cidr_blocks = []
              + prefix_list_ids  = []
              + protocol         = "tcp"
              + security_groups  = []
              + self             = true
              + to_port          = 5432
            },
        ]
      + id                     = (known after apply)
      + ingress                = [
          + {
              + cidr_blocks      = []
              + description      = ""
              + from_port        = 5432
              + ipv6_cidr_blocks = []
              + prefix_list_ids  = []
              + protocol         = "tcp"
              + security_groups  = []
              + self             = true
              + to_port          = 5432
            },
        ]
      + name                   = "test-rds_rds_proxy_sg"
      + name_prefix            = (known after apply)
      + owner_id               = (known after apply)
      + revoke_rules_on_delete = false
      + tags                   = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds_rds_proxy_sg"
          + "Terraform"  = "true"
        }
      + tags_all               = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds_rds_proxy_sg"
          + "Terraform"  = "true"
        }
      + vpc_id                 = (known after apply)
    }

  # module.rds.random_string.random will be created
  + resource "random_string" "random" {
      + id          = (known after apply)
      + length      = 6
      + lower       = true
      + min_lower   = 0
      + min_numeric = 0
      + min_special = 0
      + min_upper   = 0
      + number      = true
      + numeric     = true
      + result      = (known after apply)
      + special     = false
      + upper       = false
    }

  # module.vpc.aws_default_network_acl.default will be created
  + resource "aws_default_network_acl" "default" {
      + arn                    = (known after apply)
      + default_network_acl_id = (known after apply)
      + id                     = (known after apply)
      + owner_id               = (known after apply)
      + tags                   = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc_default_nacl"
          + "Terraform"  = "true"
        }
      + tags_all               = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc_default_nacl"
          + "Terraform"  = "true"
        }
      + vpc_id                 = (known after apply)
    }

  # module.vpc.aws_default_route_table.default will be created
  + resource "aws_default_route_table" "default" {
      + arn                    = (known after apply)
      + default_route_table_id = (known after apply)
      + id                     = (known after apply)
      + owner_id               = (known after apply)
      + route                  = []
      + tags                   = {
          + "CostCentre" = "cal"
          + "Terraform"  = "true"
          + "name"       = "vpc_default_route_table"
        }
      + tags_all               = {
          + "CostCentre" = "cal"
          + "Terraform"  = "true"
          + "name"       = "vpc_default_route_table"
        }
      + vpc_id                 = (known after apply)
    }

  # module.vpc.aws_default_security_group.default will be created
  + resource "aws_default_security_group" "default" {
      + arn                    = (known after apply)
      + description            = (known after apply)
      + egress                 = (known after apply)
      + id                     = (known after apply)
      + ingress                = (known after apply)
      + name                   = (known after apply)
      + name_prefix            = (known after apply)
      + owner_id               = (known after apply)
      + revoke_rules_on_delete = false
      + tags                   = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc_default_sg"
          + "Terraform"  = "true"
        }
      + tags_all               = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc_default_sg"
          + "Terraform"  = "true"
        }
      + vpc_id                 = (known after apply)
    }

  # module.vpc.aws_internet_gateway.gw will be created
  + resource "aws_internet_gateway" "gw" {
      + arn      = (known after apply)
      + id       = (known after apply)
      + owner_id = (known after apply)
      + tags     = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc_internet_gateway"
          + "Terraform"  = "true"
        }
      + tags_all = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc_internet_gateway"
          + "Terraform"  = "true"
        }
      + vpc_id   = (known after apply)
    }

  # module.vpc.aws_nat_gateway.nat_gw[0] will be created
  + resource "aws_nat_gateway" "nat_gw" {
      + connectivity_type    = "private"
      + id                   = (known after apply)
      + network_interface_id = (known after apply)
      + private_ip           = (known after apply)
      + public_ip            = (known after apply)
      + subnet_id            = (known after apply)
      + tags                 = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc-natgw-0"
          + "Terraform"  = "true"
        }
      + tags_all             = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc-natgw-0"
          + "Terraform"  = "true"
        }
    }

  # module.vpc.aws_nat_gateway.nat_gw[1] will be created
  + resource "aws_nat_gateway" "nat_gw" {
      + connectivity_type    = "private"
      + id                   = (known after apply)
      + network_interface_id = (known after apply)
      + private_ip           = (known after apply)
      + public_ip            = (known after apply)
      + subnet_id            = (known after apply)
      + tags                 = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc-natgw-1"
          + "Terraform"  = "true"
        }
      + tags_all             = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc-natgw-1"
          + "Terraform"  = "true"
        }
    }

  # module.vpc.aws_nat_gateway.nat_gw[2] will be created
  + resource "aws_nat_gateway" "nat_gw" {
      + connectivity_type    = "private"
      + id                   = (known after apply)
      + network_interface_id = (known after apply)
      + private_ip           = (known after apply)
      + public_ip            = (known after apply)
      + subnet_id            = (known after apply)
      + tags                 = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc-natgw-2"
          + "Terraform"  = "true"
        }
      + tags_all             = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc-natgw-2"
          + "Terraform"  = "true"
        }
    }

  # module.vpc.aws_network_acl.main will be created
  + resource "aws_network_acl" "main" {
      + arn        = (known after apply)
      + egress     = (known after apply)
      + id         = (known after apply)
      + ingress    = (known after apply)
      + owner_id   = (known after apply)
      + subnet_ids = (known after apply)
      + tags       = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc_main_nacl"
          + "Terraform"  = "true"
        }
      + tags_all   = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc_main_nacl"
          + "Terraform"  = "true"
        }
      + vpc_id     = (known after apply)
    }

  # module.vpc.aws_network_acl_rule.block_rdp[0] will be created
  + resource "aws_network_acl_rule" "block_rdp" {
      + cidr_block     = "10.0.0.0/16"
      + egress         = false
      + from_port      = 3389
      + id             = (known after apply)
      + network_acl_id = (known after apply)
      + protocol       = "tcp"
      + rule_action    = "deny"
      + rule_number    = 51
      + to_port        = 3389
    }

  # module.vpc.aws_network_acl_rule.block_ssh[0] will be created
  + resource "aws_network_acl_rule" "block_ssh" {
      + cidr_block     = "10.0.0.0/16"
      + egress         = false
      + from_port      = 22
      + id             = (known after apply)
      +...
Show Conftest results 
18 tests, 18 passed, 0 warnings, 0 failures, 0 exceptions

@github-actions
Copy link

Test changes

✅   Terraform Format: success
✅   Terraform Plan: success
✅   Conftest: success

Plan: 1 to add, 0 to change, 0 to destroy
Show plan 
Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # random_id.id will be created
  + resource "random_id" "id" {
      + b64_std     = (known after apply)
      + b64_url     = (known after apply)
      + byte_length = 8
      + dec         = (known after apply)
      + hex         = (known after apply)
      + id          = (known after apply)
    }

Plan: 1 to add, 0 to change, 0 to destroy.

Changes to Outputs:
  + id = (known after apply)

─────────────────────────────────────────────────────────────────────────────

Saved the plan to: plan.tfplan

To perform exactly these actions, run the following command to apply:
    terraform apply "plan.tfplan"
Show Conftest results 
18 tests, 18 passed, 0 warnings, 0 failures, 0 exceptions

@github-actions
Copy link

Test conftest-deny

✅   Terraform Format: success
✅   Terraform Plan: success
❌   Conftest: failed

Plan: 49 to add, 0 to change, 0 to destroy

✂   Warning: plan has been truncated! See the full plan in the logs.

Show plan 
Resource actions are indicated with the following symbols:
  + create
 <= read (data resources)

Terraform will perform the following actions:

  # module.rds.data.aws_iam_policy_document.read_connection_string will be read during apply
  # (config refers to values not yet known)
 <= data "aws_iam_policy_document" "read_connection_string"  {
      + id   = (known after apply)
      + json = (known after apply)

      + statement {
          + actions   = [
              + "secretsmanager:DescribeSecret",
              + "secretsmanager:GetResourcePolicy",
              + "secretsmanager:GetSecretValue",
              + "secretsmanager:ListSecretVersionIds",
            ]
          + effect    = "Allow"
          + resources = [
              + (known after apply),
            ]
          + sid       = "0"
        }
      + statement {
          + actions   = [
              + "secretsmanager:ListSecrets",
            ]
          + effect    = "Allow"
          + resources = [
              + "*",
            ]
          + sid       = "1"
        }
      + statement {
          + actions   = [
              + "kms:Decrypt",
            ]
          + effect    = "Allow"
          + resources = [
              + "*",
            ]
          + sid       = "2"

          + condition {
              + test     = "StringEquals"
              + values   = [
                  + "secretsmanager.ca-central-1.amazonaws.com",
                ]
              + variable = "kms:ViaService"
            }
        }
    }

  # module.rds.aws_cloudwatch_log_group.proxy will be created
  + resource "aws_cloudwatch_log_group" "proxy" {
      + arn               = (known after apply)
      + id                = (known after apply)
      + name              = "/aws/rds/proxy/test-rds-proxy"
      + retention_in_days = 14
      + tags              = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds_proxy_logs"
          + "Terraform"  = "true"
        }
      + tags_all          = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds_proxy_logs"
          + "Terraform"  = "true"
        }
    }

  # module.rds.aws_db_proxy.proxy will be created
  + resource "aws_db_proxy" "proxy" {
      + arn                    = (known after apply)
      + debug_logging          = false
      + endpoint               = (known after apply)
      + engine_family          = "POSTGRESQL"
      + id                     = (known after apply)
      + idle_client_timeout    = 1800
      + name                   = "test-rds-proxy"
      + require_tls            = true
      + role_arn               = (known after apply)
      + tags                   = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-rds-proxy"
          + "Terraform"  = "true"
        }
      + tags_all               = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-rds-proxy"
          + "Terraform"  = "true"
        }
      + vpc_security_group_ids = (known after apply)
      + vpc_subnet_ids         = (known after apply)

      + auth {
          + auth_scheme = "SECRETS"
          + description = "The database connection string"
          + iam_auth    = "DISABLED"
          + secret_arn  = (known after apply)
        }
    }

  # module.rds.aws_db_proxy_default_target_group.this will be created
  + resource "aws_db_proxy_default_target_group" "this" {
      + arn           = (known after apply)
      + db_proxy_name = "test-rds-proxy"
      + id            = (known after apply)
      + name          = (known after apply)

      + connection_pool_config {
          + connection_borrow_timeout    = (known after apply)
          + init_query                   = (known after apply)
          + max_connections_percent      = (known after apply)
          + max_idle_connections_percent = (known after apply)
          + session_pinning_filters      = (known after apply)
        }
    }

  # module.rds.aws_db_proxy_target.target will be created
  + resource "aws_db_proxy_target" "target" {
      + db_cluster_identifier = (known after apply)
      + db_proxy_name         = "test-rds-proxy"
      + endpoint              = (known after apply)
      + id                    = (known after apply)
      + port                  = (known after apply)
      + rds_resource_id       = (known after apply)
      + target_arn            = (known after apply)
      + target_group_name     = (known after apply)
      + tracked_cluster_id    = (known after apply)
      + type                  = (known after apply)
    }

  # module.rds.aws_db_subnet_group.rds will be created
  + resource "aws_db_subnet_group" "rds" {
      + arn                     = (known after apply)
      + description             = "Managed by Terraform"
      + id                      = (known after apply)
      + name                    = "test-rds-subnet-group"
      + name_prefix             = (known after apply)
      + subnet_ids              = (known after apply)
      + supported_network_types = (known after apply)
      + tags                    = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-subnet-group"
          + "Terraform"  = "true"
        }
      + tags_all                = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-subnet-group"
          + "Terraform"  = "true"
        }
    }

  # module.rds.aws_iam_policy.read_connection_string will be created
  + resource "aws_iam_policy" "read_connection_string" {
      + arn       = (known after apply)
      + id        = (known after apply)
      + name      = "test-rdsReadConnectionString"
      + path      = "/"
      + policy    = (known after apply)
      + policy_id = (known after apply)
      + tags      = {
          + "CostCentre" = "cal"
          + "Terraform"  = "true"
        }
      + tags_all  = {
          + "CostCentre" = "cal"
          + "Terraform"  = "true"
        }
    }

  # module.rds.aws_iam_role.rds_proxy will be created
  + resource "aws_iam_role" "rds_proxy" {
      + arn                   = (known after apply)
      + assume_role_policy    = jsonencode(
            {
              + Statement = [
                  + {
                      + Action    = "sts:AssumeRole"
                      + Effect    = "Allow"
                      + Principal = {
                          + Service = "rds.amazonaws.com"
                        }
                      + Sid       = "RDSAssume"
                    },
                ]
              + Version   = "2012-10-17"
            }
        )
      + create_date           = (known after apply)
      + force_detach_policies = false
      + id                    = (known after apply)
      + managed_policy_arns   = (known after apply)
      + max_session_duration  = 3600
      + name                  = "test-rds_rds_proxy"
      + name_prefix           = (known after apply)
      + path                  = "/"
      + tags                  = {
          + "CostCentre" = "cal"
          + "Terraform"  = "true"
        }
      + tags_all              = {
          + "CostCentre" = "cal"
          + "Terraform"  = "true"
        }
      + unique_id             = (known after apply)

      + inline_policy {
          + name   = (known after apply)
          + policy = (known after apply)
        }
    }

  # module.rds.aws_iam_role_policy_attachment.read_connection_string will be created
  + resource "aws_iam_role_policy_attachment" "read_connection_string" {
      + id         = (known after apply)
      + policy_arn = (known after apply)
      + role       = "test-rds_rds_proxy"
    }

  # module.rds.aws_rds_cluster.cluster will be created
  + resource "aws_rds_cluster" "cluster" {
      + allocated_storage               = (known after apply)
      + allow_major_version_upgrade     = false
      + apply_immediately               = false
      + arn                             = (known after apply)
      + availability_zones              = (known after apply)
      + backup_retention_period         = 7
      + cluster_identifier              = "test-rds-cluster"
      + cluster_identifier_prefix       = (known after apply)
      + cluster_members                 = (known after apply)
      + cluster_resource_id             = (known after apply)
      + copy_tags_to_snapshot           = false
      + database_name                   = "foo"
      + db_cluster_parameter_group_name = (known after apply)
      + db_subnet_group_name            = "test-rds-subnet-group"
      + deletion_protection             = true
      + enable_global_write_forwarding  = false
      + enable_http_endpoint            = false
      + endpoint                        = (known after apply)
      + engine                          = "aurora-postgresql"
      + engine_mode                     = "provisioned"
      + engine_version                  = "13.3"
      + engine_version_actual           = (known after apply)
      + final_snapshot_identifier       = (known after apply)
      + hosted_zone_id                  = (known after apply)
      + iam_roles                       = (known after apply)
      + id                              = (known after apply)
      + kms_key_id                      = (known after apply)
      + master_password                 = (sensitive value)
      + master_username                 = "cal"
      + network_type                    = (known after apply)
      + port                            = (known after apply)
      + preferred_backup_window         = "07:00-09:00"
      + preferred_maintenance_window    = (known after apply)
      + reader_endpoint                 = (known after apply)
      + skip_final_snapshot             = false
      + storage_encrypted               = true
      + tags                            = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-cluster"
          + "Terraform"  = "true"
        }
      + tags_all                        = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-cluster"
          + "Terraform"  = "true"
        }
      + vpc_security_group_ids          = (known after apply)
    }

  # module.rds.aws_rds_cluster_instance.instances[0] will be created
  + resource "aws_rds_cluster_instance" "instances" {
      + apply_immediately                     = (known after apply)
      + arn                                   = (known after apply)
      + auto_minor_version_upgrade            = true
      + availability_zone                     = (known after apply)
      + ca_cert_identifier                    = (known after apply)
      + cluster_identifier                    = (known after apply)
      + copy_tags_to_snapshot                 = false
      + db_parameter_group_name               = (known after apply)
      + db_subnet_group_name                  = "test-rds-subnet-group"
      + dbi_resource_id                       = (known after apply)
      + endpoint                              = (known after apply)
      + engine                                = "aurora-postgresql"
      + engine_version                        = "13.3"
      + engine_version_actual                 = (known after apply)
      + id                                    = (known after apply)
      + identifier                            = "test-rds-instance-0"
      + identifier_prefix                     = (known after apply)
      + instance_class                        = "db.t3.medium"
      + kms_key_id                            = (known after apply)
      + monitoring_interval                   = 0
      + monitoring_role_arn                   = (known after apply)
      + network_type                          = (known after apply)
      + performance_insights_enabled          = true
      + performance_insights_kms_key_id       = (known after apply)
      + performance_insights_retention_period = (known after apply)
      + port                                  = (known after apply)
      + preferred_backup_window               = (known after apply)
      + preferred_maintenance_window          = (known after apply)
      + promotion_tier                        = 0
      + publicly_accessible                   = false
      + storage_encrypted                     = (known after apply)
      + tags                                  = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-instance-0"
          + "Terraform"  = "true"
        }
      + tags_all                              = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-instance-0"
          + "Terraform"  = "true"
        }
      + writer                                = (known after apply)
    }

  # module.rds.aws_rds_cluster_instance.instances[1] will be created
  + resource "aws_rds_cluster_instance" "instances" {
      + apply_immediately                     = (known after apply)
      + arn                                   = (known after apply)
      + auto_minor_version_upgrade            = true
      + availability_zone                     = (known after apply)
      + ca_cert_identifier                    = (known after apply)
      + cluster_identifier                    = (known after apply)
      + copy_tags_to_snapshot                 = false
      + db_parameter_group_name               = (known after apply)
      + db_subnet_group_name                  = "test-rds-subnet-group"
      + dbi_resource_id                       = (known after apply)
      + endpoint                              = (known after apply)
      + engine                                = "aurora-postgresql"
      + engine_version                        = "13.3"
      + engine_version_actual                 = (known after apply)
      + id                                    = (known after apply)
      + identifier                            = "test-rds-instance-1"
      + identifier_prefix                     = (known after apply)
      + instance_class                        = "db.t3.medium"
      + kms_key_id                            = (known after apply)
      + monitoring_interval                   = 0
      + monitoring_role_arn                   = (known after apply)
      + network_type                          = (known after apply)
      + performance_insights_enabled          = true
      + performance_insights_kms_key_id       = (known after apply)
      + performance_insights_retention_period = (known after apply)
      + port                                  = (known after apply)
      + preferred_backup_window               = (known after apply)
      + preferred_maintenance_window          = (known after apply)
      + promotion_tier                        = 0
      + publicly_accessible                   = false
      + storage_encrypted                     = (known after apply)
      + tags                                  = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-instance-1"
          + "Terraform"  = "true"
        }
      + tags_all                              = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-instance-1"
          + "Terraform"  = "true"
        }
      + writer                                = (known after apply)
    }

  # module.rds.aws_rds_cluster_instance.instances[2] will be created
  + resource "aws_rds_cluster_instance" "instances" {
      + apply_immediately                     = (known after apply)
      + arn                                   = (known after apply)
      + auto_minor_version_upgrade            = true
      + availability_zone                     = (known after apply)
      + ca_cert_identifier                    = (known after apply)
      + cluster_identifier                    = (known after apply)
      + copy_tags_to_snapshot                 = false
      + db_parameter_group_name               = (known after apply)
      + db_subnet_group_name                  = "test-rds-subnet-group"
      + dbi_resource_id                       = (known after apply)
      + endpoint                              = (known after apply)
      + engine                                = "aurora-postgresql"
      + engine_version                        = "13.3"
      + engine_version_actual                 = (known after apply)
      + id                                    = (known after apply)
      + identifier                            = "test-rds-instance-2"
      + identifier_prefix                     = (known after apply)
      + instance_class                        = "db.t3.medium"
      + kms_key_id                            = (known after apply)
      + monitoring_interval                   = 0
      + monitoring_role_arn                   = (known after apply)
      + network_type                          = (known after apply)
      + performance_insights_enabled          = true
      + performance_insights_kms_key_id       = (known after apply)
      + performance_insights_retention_period = (known after apply)
      + port                                  = (known after apply)
      + preferred_backup_window               = (known after apply)
      + preferred_maintenance_window          = (known after apply)
      + promotion_tier                        = 0
      + publicly_accessible                   = false
      + storage_encrypted                     = (known after apply)
      + tags                                  = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-instance-2"
          + "Terraform"  = "true"
        }
      + tags_all                              = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-instance-2"
          + "Terraform"  = "true"
        }
      + writer                                = (known after apply)
    }

  # module.rds.aws_secretsmanager_secret.connection_string will be created
  + resource "aws_secretsmanager_secret" "connection_string" {
      + arn                            = (known after apply)
      + force_overwrite_replica_secret = false
      + id                             = (known after apply)
      + name                           = (known after apply)
      + name_prefix                    = (known after apply)
      + policy                         = (known after apply)
      + recovery_window_in_days        = 30
      + rotation_enabled               = (known after apply)
      + rotation_lambda_arn            = (known after apply)
      + tags                           = {
          + "CostCentre" = "cal"
          + "Terraform"  = "true"
        }
      + tags_all                       = {
          + "CostCentre" = "cal"
          + "Terraform"  = "true"
        }

      + replica {
          + kms_key_id         = (known after apply)
          + last_accessed_date = (known after apply)
          + region             = (known after apply)
          + status             = (known after apply)
          + status_message     = (known after apply)
        }

      + rotation_rules {
          + automatically_after_days = (known after apply)
        }
    }

  # module.rds.aws_secretsmanager_secret.proxy_connection_string will be created
  + resource "aws_secretsmanager_secret" "proxy_connection_string" {
      + arn                            = (known after apply)
      + force_overwrite_replica_secret = false
      + id                             = (known after apply)
      + name                           = (known after apply)
      + name_prefix                    = (known after apply)
      + policy                         = (known after apply)
      + recovery_window_in_days        = 30
      + rotation_enabled               = (known after apply)
      + rotation_lambda_arn            = (known after apply)
      + tags                           = {
          + "CostCentre" = "cal"
          + "Terraform"  = "true"
        }
      + tags_all                       = {
          + "CostCentre" = "cal"
          + "Terraform"  = "true"
        }

      + replica {
          + kms_key_id         = (known after apply)
          + last_accessed_date = (known after apply)
          + region             = (known after apply)
          + status             = (known after apply)
          + status_message     = (known after apply)
        }

      + rotation_rules {
          + automatically_after_days = (known after apply)
        }
    }

  # module.rds.aws_secretsmanager_secret_version.connection_string will be created
  + resource "aws_secretsmanager_secret_version" "connection_string" {
      + arn            = (known after apply)
      + id             = (known after apply)
      + secret_id      = (known after apply)
      + secret_string  = (sensitive value)
      + version_id     = (known after apply)
      + version_stages = (known after apply)
    }

  # module.rds.aws_secretsmanager_secret_version.proxy_connection_string will be created
  + resource "aws_secretsmanager_secret_version" "proxy_connection_string" {
      + arn            = (known after apply)
      + id             = (known after apply)
      + secret_id      = (known after apply)
      + secret_string  = (sensitive value)
      + version_id     = (known after apply)
      + version_stages = (known after apply)
    }

  # module.rds.aws_security_group.rds_proxy will be created
  + resource "aws_security_group" "rds_proxy" {
      + arn                    = (known after apply)
      + description            = "The Security group that allows communication between the proxy and the database"
      + egress                 = [
          + {
              + cidr_blocks      = []
              + description      = ""
              + from_port        = 5432
              + ipv6_cidr_blocks = []
              + prefix_list_ids  = []
              + protocol         = "tcp"
              + security_groups  = []
              + self             = true
              + to_port          = 5432
            },
        ]
      + id                     = (known after apply)
      + ingress                = [
          + {
              + cidr_blocks      = []
              + description      = ""
              + from_port        = 5432
              + ipv6_cidr_blocks = []
              + prefix_list_ids  = []
              + protocol         = "tcp"
              + security_groups  = []
              + self             = true
              + to_port          = 5432
            },
        ]
      + name                   = "test-rds_rds_proxy_sg"
      + name_prefix            = (known after apply)
      + owner_id               = (known after apply)
      + revoke_rules_on_delete = false
      + tags                   = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds_rds_proxy_sg"
          + "Terraform"  = "true"
        }
      + tags_all               = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds_rds_proxy_sg"
          + "Terraform"  = "true"
        }
      + vpc_id                 = (known after apply)
    }

  # module.rds.random_string.random will be created
  + resource "random_string" "random" {
      + id          = (known after apply)
      + length      = 6
      + lower       = true
      + min_lower   = 0
      + min_numeric = 0
      + min_special = 0
      + min_upper   = 0
      + number      = true
      + numeric     = true
      + result      = (known after apply)
      + special     = false
      + upper       = false
    }

  # module.vpc.aws_default_network_acl.default will be created
  + resource "aws_default_network_acl" "default" {
      + arn                    = (known after apply)
      + default_network_acl_id = (known after apply)
      + id                     = (known after apply)
      + owner_id               = (known after apply)
      + tags                   = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc_default_nacl"
          + "Terraform"  = "true"
        }
      + tags_all               = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc_default_nacl"
          + "Terraform"  = "true"
        }
      + vpc_id                 = (known after apply)
    }

  # module.vpc.aws_default_route_table.default will be created
  + resource "aws_default_route_table" "default" {
      + arn                    = (known after apply)
      + default_route_table_id = (known after apply)
      + id                     = (known after apply)
      + owner_id               = (known after apply)
      + route                  = []
      + tags                   = {
          + "CostCentre" = "cal"
          + "Terraform"  = "true"
          + "name"       = "vpc_default_route_table"
        }
      + tags_all               = {
          + "CostCentre" = "cal"
          + "Terraform"  = "true"
          + "name"       = "vpc_default_route_table"
        }
      + vpc_id                 = (known after apply)
    }

  # module.vpc.aws_default_security_group.default will be created
  + resource "aws_default_security_group" "default" {
      + arn                    = (known after apply)
      + description            = (known after apply)
      + egress                 = (known after apply)
      + id                     = (known after apply)
      + ingress                = (known after apply)
      + name                   = (known after apply)
      + name_prefix            = (known after apply)
      + owner_id               = (known after apply)
      + revoke_rules_on_delete = false
      + tags                   = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc_default_sg"
          + "Terraform"  = "true"
        }
      + tags_all               = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc_default_sg"
          + "Terraform"  = "true"
        }
      + vpc_id                 = (known after apply)
    }

  # module.vpc.aws_internet_gateway.gw will be created
  + resource "aws_internet_gateway" "gw" {
      + arn      = (known after apply)
      + id       = (known after apply)
      + owner_id = (known after apply)
      + tags     = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc_internet_gateway"
          + "Terraform"  = "true"
        }
      + tags_all = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc_internet_gateway"
          + "Terraform"  = "true"
        }
      + vpc_id   = (known after apply)
    }

  # module.vpc.aws_nat_gateway.nat_gw[0] will be created
  + resource "aws_nat_gateway" "nat_gw" {
      + connectivity_type    = "private"
      + id                   = (known after apply)
      + network_interface_id = (known after apply)
      + private_ip           = (known after apply)
      + public_ip            = (known after apply)
      + subnet_id            = (known after apply)
      + tags                 = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc-natgw-0"
          + "Terraform"  = "true"
        }
      + tags_all             = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc-natgw-0"
          + "Terraform"  = "true"
        }
    }

  # module.vpc.aws_nat_gateway.nat_gw[1] will be created
  + resource "aws_nat_gateway" "nat_gw" {
      + connectivity_type    = "private"
      + id                   = (known after apply)
      + network_interface_id = (known after apply)
      + private_ip           = (known after apply)
      + public_ip            = (known after apply)
      + subnet_id            = (known after apply)
      + tags                 = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc-natgw-1"
          + "Terraform"  = "true"
        }
      + tags_all             = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc-natgw-1"
          + "Terraform"  = "true"
        }
    }

  # module.vpc.aws_nat_gateway.nat_gw[2] will be created
  + resource "aws_nat_gateway" "nat_gw" {
      + connectivity_type    = "private"
      + id                   = (known after apply)
      + network_interface_id = (known after apply)
      + private_ip           = (known after apply)
      + public_ip            = (known after apply)
      + subnet_id            = (known after apply)
      + tags                 = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc-natgw-2"
          + "Terraform"  = "true"
        }
      + tags_all             = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc-natgw-2"
          + "Terraform"  = "true"
        }
    }

  # module.vpc.aws_network_acl.main will be created
  + resource "aws_network_acl" "main" {
      + arn        = (known after apply)
      + egress     = (known after apply)
      + id         = (known after apply)
      + ingress    = (known after apply)
      + owner_id   = (known after apply)
      + subnet_ids = (known after apply)
      + tags       = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc_main_nacl"
          + "Terraform"  = "true"
        }
      + tags_all   = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc_main_nacl"
          + "Terraform"  = "true"
        }
      + vpc_id     = (known after apply)
    }

  # module.vpc.aws_network_acl_rule.block_rdp[0] will be created
  + resource "aws_network_acl_rule" "block_rdp" {
      + cidr_block     = "10.0.0.0/16"
      + egress         = false
      + from_port      = 3389
      + id             = (known after apply)
      + network_acl_id = (known after apply)
      + protocol       = "tcp"
      + rule_action    = "deny"
      + rule_number    = 51
      + to_port        = 3389
    }

  # module.vpc.aws_network_acl_rule.block_ssh[0] will be created
  + resource "aws_network_acl_rule" "block_ssh" {
      + cidr_block     = "10.0.0.0/16"
      + egress         = false
      + from_port      = 22
      + id             = (known after apply)
      +...
Show Conftest results 
FAIL - plan.json - main - Postgresql main password > 8 characters: ["module.rds.aws_rds_cluster.cluster"]

18 tests, 17 passed, 0 warnings, 1 failure, 0 exceptions

patheard
patheard approved these changes Oct 25, 2022
View reviewed changes
Copy link
Member

@patheard patheard left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🤖

@patheard patheard merged commit 95d90e5 into main Oct 25, 2022
@patheard patheard deleted the renovate/all-minor branch October 25, 2022 00:50
@patheard
Copy link
Member

  • cds-snc/platform-core-services#142

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@patheard patheard patheard approved these changes

Assignees
No one assigned
Labels
Dependencies
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@patheard