Merge pull request #3011 from uktrade/feat/only-peer-with-paas-if-con…

…figured

feat: only configure with PaaS if configured

infra/security_groups.tf

@@ -1578,6 +1578,7 @@ resource "aws_security_group_rule" "datasets_db_ingress_postgres_from_notebooks"
 }
 
 resource "aws_security_group_rule" "datasets_db_ingress_postgres_from_paas" {
+  count = var.paas_cidr_block != "" ? 1 : 0
   description = "ingress-postgres-from-paas"
 
   security_group_id = "${aws_security_group.datasets.id}"
@@ -1639,6 +1640,7 @@ resource "aws_security_group_rule" "elasticsearch_ingress_from_admin" {
 }
 
 resource "aws_security_group_rule" "elasticsearch_ingress_from_paas" {
+  count = var.paas_cidr_block != "" ? 1 : 0
   description = "ingress-elasticsearch-https-from-paas-ie-data-flow"
 
   security_group_id = "${aws_security_group.datasets.id}"

infra/vpc.tf

@@ -384,6 +384,7 @@ resource "aws_main_route_table_association" "datasets" {
 }
 
 resource "aws_route" "pcx_datasets_to_paas" {
+  count = var.paas_cidr_block != "" ? 1 : 0
   route_table_id            = "${aws_route_table.datasets.id}"
   destination_cidr_block    = "${var.paas_cidr_block}"
   vpc_peering_connection_id = "${aws_vpc_peering_connection.datasets_to_paas.id}"