From 224377c2bcea9f075f525c7458facbba648d0fa1 Mon Sep 17 00:00:00 2001 From: Dominic Robinson <65237317+drobinson-moj@users.noreply.github.com> Date: Wed, 4 Dec 2024 13:13:53 +0000 Subject: [PATCH] ncr: TM-738: efs backup fix (#8963) * opt into daily and weekly backup * disable default backup * fix --- .../nomis-combined-reporting/locals_efs.tf | 3 ++- terraform/modules/efs/main.tf | 11 ++++++++++- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/terraform/environments/nomis-combined-reporting/locals_efs.tf b/terraform/environments/nomis-combined-reporting/locals_efs.tf index 5d86653b1d1..5d1a7aa8e3d 100644 --- a/terraform/environments/nomis-combined-reporting/locals_efs.tf +++ b/terraform/environments/nomis-combined-reporting/locals_efs.tf @@ -30,7 +30,8 @@ locals { security_groups = ["bip"] }] tags = { - backup = "false" + backup = "false" + backup-plan = "daily-and-weekly" } } } diff --git a/terraform/modules/efs/main.tf b/terraform/modules/efs/main.tf index f9c8f010096..155fb169d7c 100644 --- a/terraform/modules/efs/main.tf +++ b/terraform/modules/efs/main.tf @@ -41,7 +41,7 @@ resource "aws_efs_file_system" "this" { provisioned_throughput_in_mibps = var.file_system.provisioned_throughput_in_mibps throughput_mode = var.file_system.throughput_mode - # annoyingly you have to define each option as separate block + # annoyingly you have to define each option as separate block dynamic "lifecycle_policy" { for_each = var.file_system.lifecycle_policy.transition_to_archive != null ? [var.file_system.lifecycle_policy] : [] content { @@ -66,6 +66,15 @@ resource "aws_efs_file_system" "this" { }) } +# disable automatic backups - use mod platform everything vault instead +resource "aws_efs_backup_policy" "policy" { + file_system_id = aws_efs_file_system.this.id + + backup_policy { + status = "DISABLED" + } +} + data "aws_iam_policy_document" "this" { count = var.policy != null ? 1 : 0