Merge pull request #16255 from CDCgov/ms/devsecops/tf-timeouts
adding sftp timeouts, addressing some drift
devopsmatt authored Oct 17, 2024
2 parents 2bc83f9 + 040c7f5 commit a14e8ee
Showing 3 changed files with 48 additions and 0 deletions.
22 changes: 22 additions & 0 deletions operations/app/terraform/modules/sftp/storage.tf
Expand Up @@ -7,6 +7,7 @@ resource "azurerm_storage_account" "sftp" {
account_replication_type = "GRS"
min_tls_version = "TLS1_2"
allow_nested_items_to_be_public = false
large_file_share_enabled = false

network_rules {
default_action = "Allow"
Expand All @@ -19,20 +20,41 @@ resource "azurerm_storage_account" "sftp" {
tags = {
environment = var.environment
}

timeouts {
create = var.timeout_create
read = var.timeout_read
delete = var.timeout_delete
update = var.timeout_update
}
}

# SSH host keys share
resource "azurerm_storage_share" "sftp_admin" {
name = "${var.resource_prefix}-sftp-admin-share"
storage_account_name = azurerm_storage_account.sftp.name
quota = 1

timeouts {
create = var.timeout_create
read = var.timeout_read
delete = var.timeout_delete
update = var.timeout_update
}
}

# SFTP startup scripts share
resource "azurerm_storage_share" "sftp_scripts" {
name = "${var.resource_prefix}-sftp-scripts-share"
storage_account_name = azurerm_storage_account.sftp.name
quota = 1

timeouts {
create = var.timeout_create
read = var.timeout_read
delete = var.timeout_delete
update = var.timeout_update
}
}

# SFTP startup script
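Review bot: The `sftp` storage account in the first hunk still carries `default_action = "Allow"` inside `network_rules`, so the account backing the SSH host keys share and the startup scripts share accepts traffic from any network and only credential checks stand in front of it. Since this change is already reconciling the resource with its deployed state, consider `default_action = "Deny"` with explicit `virtual_network_subnet_ids` / `ip_rules` entries for the SFTP container subnet and the deployment runners. The rest of the `network_rules` block and the top of the resource lie outside the visible hunks, so an allow-list or a documented reason for `Allow` may already exist; if it does, a short comment next to `default_action` stating that reason would help the next reviewer.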
25 changes: 25 additions & 0 deletions operations/app/terraform/modules/sftp/~inputs.tf
Expand Up @@ -60,3 +60,28 @@ variable "sshinstances" {
variable "sftp_dir" {
description = "SFTP Script Directory"
}

# TF timeouts for storage operations
variable "timeout_create" {
description = "Timeout for create operations"
type = string
default = "60m" # module default 30m
}

variable "timeout_read" {
description = "Timeout for read operations"
type = string
default = "60m" # module default 5m
}

variable "timeout_update" {
description = "Timeout for update operations"
type = string
default = "60m" # module default 30m
}

variable "timeout_delete" {
description = "Timeout for delete operations"
type = string
default = "60m" # module default 30m
}
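Review bot: The four `timeout_*` variables are plain `string` inputs with no `validation` block, so a malformed duration is only rejected when the provider parses it during plan/apply; a `validation` on each with `condition = can(regex("^([0-9]+(s|m|h))+$", var.timeout_create))` and a matching `error_message` would fail earlier and more clearly. The trailing comments say "module default", but the values look like the azurerm provider's per-resource defaults, and storage.tf applies the same variables to both `azurerm_storage_account` and `azurerm_storage_share`, whose defaults I believe differ, so wording such as `# provider default for azurerm_storage_share: 30m` would be more accurate once confirmed against the provider docs. Raising `timeout_read` from 5m to 60m also means a stalled refresh can hold a pipeline run (and presumably the state lock) for up to an hour per resource, which is worth a one-line justification in the description.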
1 change: 1 addition & 0 deletions operations/app/terraform/modules/storage/main.tf
Expand Up @@ -175,6 +175,7 @@ resource "azurerm_storage_account" "storage_public" {
allow_nested_items_to_be_public = false
https_traffic_only_enabled = true
local_user_enabled = false
large_file_share_enabled = false

static_website {
index_document = "index.html"
