diff --git a/.gitignore b/.gitignore index 56bf8f4..aa3b8f5 100644 --- a/.gitignore +++ b/.gitignore @@ -159,4 +159,6 @@ cython_debug/ # be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore # and can be added to the global gitignore or merged into this file. For a more nuclear # option (not recommended) you can uncomment the following to ignore the entire idea folder. -.idea/ \ No newline at end of file +.idea/ + +.terraform \ No newline at end of file diff --git a/terraform/.terraform.lock.hcl b/terraform/.terraform.lock.hcl new file mode 100644 index 0000000..9136804 --- /dev/null +++ b/terraform/.terraform.lock.hcl @@ -0,0 +1,43 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/hashicorp/archive" { + version = "2.4.2" + hashes = [ + "h1:WfIjVbYA9s/uN2FwhGoiffT7CLFydy7MT1waFbt9YrY=", + "zh:08faed7c9f42d82bc3d406d0d9d4971e2d1c2d34eae268ad211b8aca57b7f758", + "zh:3564112ed2d097d7e0672378044a69b06642c326f6f1584d81c7cdd32ebf3a08", + "zh:53cd9afd223c15828c1916e68cb728d2be1cbccb9545568d6c2b122d0bac5102", + "zh:5ae4e41e3a1ce9d40b6458218a85bbde44f21723943982bca4a3b8bb7c103670", + "zh:5b65499218b315b96e95c5d3463ea6d7c66245b59461217c99eaa1611891cd2c", + "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", + "zh:7f45b35a8330bebd184c2545a41782ff58240ed6ba947274d9881dd5da44b02e", + "zh:87e67891033214e55cfead1391d68e6a3bf37993b7607753237e82aa3250bb71", + "zh:de3590d14037ad81fc5cedf7cfa44614a92452d7b39676289b704a962050bc5e", + "zh:e7e6f2ea567f2dbb3baa81c6203be69f9cd6aeeb01204fd93e3cf181e099b610", + "zh:fd24d03c89a7702628c2e5a3c732c0dede56fa75a08da4a1efe17b5f881c88e2", + "zh:febf4b7b5f3ff2adff0573ef6361f09b6638105111644bdebc0e4f575373935f", + ] +} + +provider "registry.terraform.io/hashicorp/aws" { + version = "5.57.0" + hashes = [ + "h1:9yi3yb3XOMjj/xsSbOfscfmQzPUQ7sZqSYSBfGSfkBA=", + "zh:03761bedb72290599aef0040d3cefb77842f0ef4338673a7e5b53557b0ca4960", + "zh:1c70c050116370688abd239979b06f33c5c8cb7f6e59e89f60cf08ee01666064", + "zh:1cc3b259028a65b2f68ffc25df876bbb0f46d108f262b8ec7c56fc597ac697af", + "zh:3bcdf1415b37f39b71e07d4d92977cf8697f07602382d63687d5f683fee0231a", + "zh:40b1774a2cacc84002ac88ef30fb017c273009456d7a1f9f7c5a4a057041ec75", + "zh:46d51fa066c6441594a1e242c9491cc31dbb2dc85f1acf8bc54ad6faa4de524b", + "zh:550e5635b0cd5d98fa66c2afd5dbb1563a8e019be9f760bd1543fbcca763f0c1", + "zh:7acc8357b5e02ed3eb478125614d049511d6faeb9850c084d6e6519db875f0d1", + "zh:7f7367299811ddf5560a0586e525d57dd52f1a0ca37e42e2c5284308069bf2b6", + "zh:8766cc10c83b1fc2e971c4e645bc4d3c871d4758eb54b0a3216600c66e3db681", + "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", + "zh:a1e85b1fb9004d8ffab7600304e02bce4aa14cea9f0ad77fbd7b84aae6390760", + "zh:bcf2fc83bd9e20e5a930d9d596eb813c319f2b007c620b1818e574c1702eb9a9", + "zh:d2538fcb20dc2afc04b716f67969944eef7f4fc4296410116d5b7af1811100f2", + "zh:e0e47c5d8710bbfcfe4db1cfa81c67e320056006d08063e69640cd2d492c6f64", + ] +} diff --git a/terraform/lambda.zip b/terraform/lambda.zip new file mode 100644 index 0000000..96654cf Binary files /dev/null and b/terraform/lambda.zip differ diff --git a/terraform/main.tf b/terraform/main.tf new file mode 100644 index 0000000..5325e07 --- /dev/null +++ b/terraform/main.tf @@ -0,0 +1,36 @@ +locals { + event_batching_window_timeout = 20 + lambda_timeout = 120 //two minutes + + # The lambda event source pulls messages from SQS in batches, finally triggering the lambda + # when either it has enough messages, or enough time has elapsed. + # A message becomes invisible when it joins the event source buffer, so could wait for + # the whole timeout window plus the whole execution time before being confirmed. + # The value of visibility timeout must be at least 20 seconds more than the lambda timeout + # This doesn't necessarily need to exist with a longer batching window, but + # always adding 20 here should mean that you can safely set batching window to 0 + # if you wish. + # See: https://docs.aws.amazon.com/lambda/latest/dg/with-sqs.html + # "Lambda might wait for up to 20 seconds before invoking your function." + queue_visibility_timeout = local.event_batching_window_timeout + local.lambda_timeout + 20 +} + +data "archive_file" "lambda_zip" { + type = "zip" + output_path = "lambda.zip" + source_dir = "../src" +} + +module "staging_lambda" { + source = "./modules/transferrer_pipe" + environment = "staging" + queue_visibility_timeout = local.queue_visibility_timeout + lambda_zip = data.archive_file.lambda_zip +} + +module "production_lambda" { + source = "./modules/transferrer_pipe" + environment = "production" + queue_visibility_timeout = local.queue_visibility_timeout + lambda_zip = data.archive_file.lambda_zip +} \ No newline at end of file diff --git a/terraform/modules/notification_queue/main.tf b/terraform/modules/notification_queue/main.tf new file mode 100644 index 0000000..e87bfb4 --- /dev/null +++ b/terraform/modules/notification_queue/main.tf @@ -0,0 +1,22 @@ + +module "transfer_shoots_topic" { + source = "github.com/wellcomecollection/terraform-aws-sns-topic.git?ref=v1.0.1" + name = "transfer-shoots-${var.environment}" +} + +module "dlq_alarm_topic" { + source = "github.com/wellcomecollection/terraform-aws-sns-topic.git?ref=v1.0.1" + name = "transfer-shoots-alarm-${var.environment}" +} + +module "input_queue" { + source = "github.com/wellcomecollection/terraform-aws-sqs//queue?ref=v1.2.1" + + queue_name = "transfer-shoots-${var.environment}" + + topic_arns = [module.transfer_shoots_topic.arn] + visibility_timeout_seconds = var.queue_visibility_timeout + max_receive_count = 1 + message_retention_seconds = 1200 + alarm_topic_arn = module.dlq_alarm_topic.arn +} diff --git a/terraform/modules/notification_queue/outputs.tf b/terraform/modules/notification_queue/outputs.tf new file mode 100644 index 0000000..d8a0c89 --- /dev/null +++ b/terraform/modules/notification_queue/outputs.tf @@ -0,0 +1,3 @@ +output "queue_arn" { + value = module.input_queue.arn +} \ No newline at end of file diff --git a/terraform/modules/notification_queue/provider.tf b/terraform/modules/notification_queue/provider.tf new file mode 100644 index 0000000..7afdcf4 --- /dev/null +++ b/terraform/modules/notification_queue/provider.tf @@ -0,0 +1,7 @@ +terraform { + required_providers { + aws = { + source = "hashicorp/aws" + } + } +} \ No newline at end of file diff --git a/terraform/modules/notification_queue/variables.tf b/terraform/modules/notification_queue/variables.tf new file mode 100644 index 0000000..f625bfb --- /dev/null +++ b/terraform/modules/notification_queue/variables.tf @@ -0,0 +1,11 @@ +variable "queue_visibility_timeout" { + type = number +} + +variable "environment" { + type = string + validation { + condition = contains(["staging", "production"], var.environment) + error_message = "environment must be one of staging or production" + } +} \ No newline at end of file diff --git a/terraform/modules/sqs_lambda_trigger/main.tf b/terraform/modules/sqs_lambda_trigger/main.tf new file mode 100644 index 0000000..814f226 --- /dev/null +++ b/terraform/modules/sqs_lambda_trigger/main.tf @@ -0,0 +1,33 @@ + +data "aws_iam_policy_document" "allow_sqs_pull" { + statement { + actions = [ + "sqs:ReceiveMessage", + "sqs:DeleteMessage", + "sqs:GetQueueAttributes" + ] + resources = [ + var.queue_arn + ] + } +} + +resource "aws_iam_role_policy" "allow_sqs_pull" { + name = "${var.trigger_name}-pull-from-queue" + role = var.role_name + policy = data.aws_iam_policy_document.allow_sqs_pull.json +} + +resource "aws_lambda_event_source_mapping" "lambda_trigger" { + event_source_arn = var.queue_arn + enabled = true + function_name = var.function_name + batch_size = var.batch_size +} + +resource "aws_lambda_permission" "allow_lambda_sqs_trigger" { + action = "lambda:InvokeFunction" + function_name = var.function_name + principal = "sqs.amazonaws.com" + source_arn = var.queue_arn +} \ No newline at end of file diff --git a/terraform/modules/sqs_lambda_trigger/provider.tf b/terraform/modules/sqs_lambda_trigger/provider.tf new file mode 100644 index 0000000..7afdcf4 --- /dev/null +++ b/terraform/modules/sqs_lambda_trigger/provider.tf @@ -0,0 +1,7 @@ +terraform { + required_providers { + aws = { + source = "hashicorp/aws" + } + } +} \ No newline at end of file diff --git a/terraform/modules/sqs_lambda_trigger/variables.tf b/terraform/modules/sqs_lambda_trigger/variables.tf new file mode 100644 index 0000000..4a6277c --- /dev/null +++ b/terraform/modules/sqs_lambda_trigger/variables.tf @@ -0,0 +1,19 @@ +variable "queue_arn" { + type = string +} + +variable "function_name" { + type = string +} + +variable "role_name" { + type = string +} + +variable "trigger_name" { + type = string +} +variable "batch_size" { + type = number + default = 1 +} \ No newline at end of file diff --git a/terraform/modules/transferrer_lambda/main.tf b/terraform/modules/transferrer_lambda/main.tf new file mode 100644 index 0000000..259f9ee --- /dev/null +++ b/terraform/modules/transferrer_lambda/main.tf @@ -0,0 +1,71 @@ +locals { + lambda_name = "editorial-photography-transfer-${var.environment}" + lambda_timeout = 120 //two minutes + buckets = tomap( + { + staging = "wellcomecollection-archivematica-staging-transfer-source", + production = "wellcomecollection-archivematica-transfer-source" + } + ) + target_bucket = lookup(local.buckets, var.environment) + +} + + +module "transfer_lambda" { + source = "git@github.com:wellcomecollection/terraform-aws-lambda?ref=v1.2.0" + + name = local.lambda_name + runtime = "python3.12" + handler = "lambda_function.lambda_handler" + + filename = var.lambda_zip.output_path + memory_size = 512 + timeout = local.lambda_timeout + + environment = { + variables = { + ACCESSION_NUMBER = "2754" + TARGET_BUCKET = local.target_bucket + } + } + source_code_hash = var.lambda_zip.output_base64sha256 +} + +resource "aws_iam_role_policy" "write_to_archivematica_transfer_source" { + role = module.transfer_lambda.lambda_role.name + name = "write_to_archivematica_transfer_source-${var.environment}" + policy = jsonencode({ + Version = "2012-10-17" + Statement = [ + { + "Effect": "Allow", + "Action": "s3:PutObject", + "Resource": "arn:aws:s3:::${local.target_bucket}/*" + }, + ] + } + ) +} + +resource "aws_iam_role_policy" "read_from_editorial_photography" { + role = module.transfer_lambda.lambda_role.name + name = "read_from_editorial_photography-${var.environment}" + policy = jsonencode({ + Version = "2012-10-17" + Statement = [ + { + "Effect" = "Allow", + "Action" = [ + "s3:GetObject", + "s3:ListBucket" + ], + "Resource" = [ + "arn:aws:s3:::wellcomecollection-editorial-photography", + "arn:aws:s3:::wellcomecollection-editorial-photography/*" + ], + }, + ] + }) + +} \ No newline at end of file diff --git a/terraform/modules/transferrer_lambda/outputs.tf b/terraform/modules/transferrer_lambda/outputs.tf new file mode 100644 index 0000000..f504240 --- /dev/null +++ b/terraform/modules/transferrer_lambda/outputs.tf @@ -0,0 +1,7 @@ +output "lambda" { + value = module.transfer_lambda.lambda +} + +output "role" { + value = module.transfer_lambda.lambda_role +} \ No newline at end of file diff --git a/terraform/modules/transferrer_lambda/provider.tf b/terraform/modules/transferrer_lambda/provider.tf new file mode 100644 index 0000000..7afdcf4 --- /dev/null +++ b/terraform/modules/transferrer_lambda/provider.tf @@ -0,0 +1,7 @@ +terraform { + required_providers { + aws = { + source = "hashicorp/aws" + } + } +} \ No newline at end of file diff --git a/terraform/modules/transferrer_lambda/variables.tf b/terraform/modules/transferrer_lambda/variables.tf new file mode 100644 index 0000000..537c342 --- /dev/null +++ b/terraform/modules/transferrer_lambda/variables.tf @@ -0,0 +1,16 @@ +variable "environment" { + type = string + validation { + condition = contains(["staging", "production"], var.environment) + error_message = "environment must be one of staging or production" + } +} + +variable "lambda_zip" { + type = object( + { + output_path = string, + output_base64sha256 = string + } + ) +} \ No newline at end of file diff --git a/terraform/modules/transferrer_pipe/main.tf b/terraform/modules/transferrer_pipe/main.tf new file mode 100644 index 0000000..45d66bb --- /dev/null +++ b/terraform/modules/transferrer_pipe/main.tf @@ -0,0 +1,20 @@ + +module "transfer_lambda" { + source = "../transferrer_lambda" + environment = var.environment + lambda_zip = var.lambda_zip +} + +module "input_queue" { + source = "../notification_queue" + environment = var.environment + queue_visibility_timeout = var.queue_visibility_timeout +} + +module "trigger" { + source = "../sqs_lambda_trigger" + queue_arn = module.input_queue.queue_arn + function_name = module.transfer_lambda.lambda.function_name + role_name = module.transfer_lambda.role.name + trigger_name = "editorial-photography-${var.environment}" +} \ No newline at end of file diff --git a/terraform/modules/transferrer_pipe/provider.tf b/terraform/modules/transferrer_pipe/provider.tf new file mode 100644 index 0000000..7afdcf4 --- /dev/null +++ b/terraform/modules/transferrer_pipe/provider.tf @@ -0,0 +1,7 @@ +terraform { + required_providers { + aws = { + source = "hashicorp/aws" + } + } +} \ No newline at end of file diff --git a/terraform/modules/transferrer_pipe/variables.tf b/terraform/modules/transferrer_pipe/variables.tf new file mode 100644 index 0000000..2e70377 --- /dev/null +++ b/terraform/modules/transferrer_pipe/variables.tf @@ -0,0 +1,20 @@ +variable "environment" { + type = string + validation { + condition = contains(["staging", "production"], var.environment) + error_message = "environment must be one of staging or production" + } +} + +variable "queue_visibility_timeout" { + type = number +} + +variable "lambda_zip" { + type = object( + { + output_path = string, + output_base64sha256 = string + } + ) +} \ No newline at end of file diff --git a/terraform/provider.tf b/terraform/provider.tf new file mode 100644 index 0000000..474feb9 --- /dev/null +++ b/terraform/provider.tf @@ -0,0 +1,8 @@ + +provider "aws" { + region = "eu-west-1" + + assume_role { + role_arn = "arn:aws:iam::404315009621:role/digitisation-developer" + } +} diff --git a/terraform/terraform.tfstate b/terraform/terraform.tfstate new file mode 100644 index 0000000..571586e --- /dev/null +++ b/terraform/terraform.tfstate @@ -0,0 +1,2875 @@ +{ + "version": 4, + "terraform_version": "1.9.1", + "serial": 142, + "lineage": "f771bb0f-7da8-a6fb-16b0-05c69365ab79", + "outputs": {}, + "resources": [ + { + "mode": "data", + "type": "archive_file", + "name": "lambda_zip", + "provider": "provider[\"registry.terraform.io/hashicorp/archive\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "exclude_symlink_directories": null, + "excludes": null, + "id": "51e2cb1d23f5347d3f4c55449d087940218fbbe0", + "output_base64sha256": "6+Zdzy6IxAzcFVue7NkJR09+ZcqmMSfKPH7F4WsrtMU=", + "output_base64sha512": "lxsZATe1Q6nwQJzv8CyfvWKVh0eISy3hsOFZqPjo6sW5vWBX+xFYfLoLCHe9A67Kf4bfQLe9E0lwdh4AXyAapA==", + "output_file_mode": null, + "output_md5": "5be02375ee167b9fcc8b20b91a99d600", + "output_path": "lambda.zip", + "output_sha": "51e2cb1d23f5347d3f4c55449d087940218fbbe0", + "output_sha256": "ebe65dcf2e88c40cdc155b9eecd909474f7e65caa63127ca3c7ec5e16b2bb4c5", + "output_sha512": "971b190137b543a9f0409ceff02c9fbd62958747884b2de1b0e159a8f8e8eac5b9bd6057fb11587cba0b0877bd03aeca7f86df40b7bd134970761e005f201aa4", + "output_size": 29824, + "source": [], + "source_content": null, + "source_content_filename": null, + "source_dir": "../src", + "source_file": null, + "type": "zip" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.production_lambda.module.input_queue.module.dlq_alarm_topic", + "mode": "data", + "type": "aws_caller_identity", + "name": "current", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "account_id": "404315009621", + "arn": "arn:aws:sts::404315009621:assumed-role/digitisation-developer/aws-go-sdk-1721134354589563000", + "id": "404315009621", + "user_id": "AROAV4IYNOJKTCHJELIGZ:aws-go-sdk-1721134354589563000" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.production_lambda.module.input_queue.module.dlq_alarm_topic", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "cross_account_sns_topic_policy", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "4065007835", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Id\": \"__default_policy_ID\",\n \"Statement\": [\n {\n \"Sid\": \"__default_statement_ID\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"SNS:Subscribe\",\n \"SNS:SetTopicAttributes\",\n \"SNS:RemovePermission\",\n \"SNS:Receive\",\n \"SNS:Publish\",\n \"SNS:ListSubscriptionsByTopic\",\n \"SNS:GetTopicAttributes\",\n \"SNS:DeleteTopic\",\n \"SNS:AddPermission\"\n ],\n \"Resource\": \"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-production\",\n \"Principal\": {\n \"AWS\": \"*\"\n },\n \"Condition\": {\n \"StringEquals\": {\n \"AWS:SourceOwner\": \"404315009621\"\n }\n }\n },\n {\n \"Sid\": \"ReportingAccess\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"SNS:Subscribe\",\n \"SNS:SetTopicAttributes\",\n \"SNS:Receive\",\n \"SNS:ListSubscriptionsByTopic\",\n \"SNS:GetTopicAttributes\"\n ],\n \"Resource\": \"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-production\",\n \"Principal\": {\n \"AWS\": []\n }\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Id\":\"__default_policy_ID\",\"Statement\":[{\"Sid\":\"__default_statement_ID\",\"Effect\":\"Allow\",\"Action\":[\"SNS:Subscribe\",\"SNS:SetTopicAttributes\",\"SNS:RemovePermission\",\"SNS:Receive\",\"SNS:Publish\",\"SNS:ListSubscriptionsByTopic\",\"SNS:GetTopicAttributes\",\"SNS:DeleteTopic\",\"SNS:AddPermission\"],\"Resource\":\"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-production\",\"Principal\":{\"AWS\":\"*\"},\"Condition\":{\"StringEquals\":{\"AWS:SourceOwner\":\"404315009621\"}}},{\"Sid\":\"ReportingAccess\",\"Effect\":\"Allow\",\"Action\":[\"SNS:Subscribe\",\"SNS:SetTopicAttributes\",\"SNS:Receive\",\"SNS:ListSubscriptionsByTopic\",\"SNS:GetTopicAttributes\"],\"Resource\":\"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-production\",\"Principal\":{\"AWS\":[]}}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": "__default_policy_ID", + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "SNS:AddPermission", + "SNS:DeleteTopic", + "SNS:GetTopicAttributes", + "SNS:ListSubscriptionsByTopic", + "SNS:Publish", + "SNS:Receive", + "SNS:RemovePermission", + "SNS:SetTopicAttributes", + "SNS:Subscribe" + ], + "condition": [ + { + "test": "StringEquals", + "values": [ + "404315009621" + ], + "variable": "AWS:SourceOwner" + } + ], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [ + { + "identifiers": [ + "*" + ], + "type": "AWS" + } + ], + "resources": [ + "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-production" + ], + "sid": "__default_statement_ID" + }, + { + "actions": [ + "SNS:GetTopicAttributes", + "SNS:ListSubscriptionsByTopic", + "SNS:Receive", + "SNS:SetTopicAttributes", + "SNS:Subscribe" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [ + { + "identifiers": [], + "type": "AWS" + } + ], + "resources": [ + "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-production" + ], + "sid": "ReportingAccess" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.production_lambda.module.input_queue.module.dlq_alarm_topic", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "publish_to_topic", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "2217557951", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": \"sns:Publish\",\n \"Resource\": \"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-production\"\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Action\":\"sns:Publish\",\"Resource\":\"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-production\"}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": null, + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "sns:Publish" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [], + "resources": [ + "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-production" + ], + "sid": "" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.production_lambda.module.input_queue.module.dlq_alarm_topic", + "mode": "managed", + "type": "aws_sns_topic", + "name": "topic", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "application_failure_feedback_role_arn": "", + "application_success_feedback_role_arn": "", + "application_success_feedback_sample_rate": 0, + "archive_policy": "", + "arn": "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-production", + "beginning_archive_time": "", + "content_based_deduplication": false, + "delivery_policy": "", + "display_name": "", + "fifo_topic": false, + "firehose_failure_feedback_role_arn": "", + "firehose_success_feedback_role_arn": "", + "firehose_success_feedback_sample_rate": 0, + "http_failure_feedback_role_arn": "", + "http_success_feedback_role_arn": "", + "http_success_feedback_sample_rate": 0, + "id": "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-production", + "kms_master_key_id": "", + "lambda_failure_feedback_role_arn": "", + "lambda_success_feedback_role_arn": "", + "lambda_success_feedback_sample_rate": 0, + "name": "transfer-shoots-alarm-production", + "name_prefix": "", + "owner": "404315009621", + "policy": "{\"Id\":\"__default_policy_ID\",\"Statement\":[{\"Action\":[\"SNS:GetTopicAttributes\",\"SNS:SetTopicAttributes\",\"SNS:AddPermission\",\"SNS:RemovePermission\",\"SNS:DeleteTopic\",\"SNS:Subscribe\",\"SNS:ListSubscriptionsByTopic\",\"SNS:Publish\"],\"Condition\":{\"StringEquals\":{\"AWS:SourceOwner\":\"404315009621\"}},\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"*\"},\"Resource\":\"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-production\",\"Sid\":\"__default_statement_ID\"}],\"Version\":\"2008-10-17\"}", + "signature_version": 0, + "sqs_failure_feedback_role_arn": "", + "sqs_success_feedback_role_arn": "", + "sqs_success_feedback_sample_rate": 0, + "tags": {}, + "tags_all": {}, + "tracing_config": "" + }, + "sensitive_attributes": [], + "private": "bnVsbA==" + } + ] + }, + { + "module": "module.production_lambda.module.input_queue.module.input_queue", + "mode": "data", + "type": "aws_caller_identity", + "name": "current", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "account_id": "404315009621", + "arn": "arn:aws:sts::404315009621:assumed-role/digitisation-developer/aws-go-sdk-1721134354589563000", + "id": "404315009621", + "user_id": "AROAV4IYNOJKTCHJELIGZ:aws-go-sdk-1721134354589563000" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.production_lambda.module.input_queue.module.input_queue", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "read_from_queue", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "2552967950", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"sqs:ReceiveMessage\",\n \"sqs:DeleteMessage\",\n \"sqs:ChangeMessageVisibilityBatch\",\n \"sqs:ChangeMessageVisibility\"\n ],\n \"Resource\": \"arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-production\"\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Action\":[\"sqs:ReceiveMessage\",\"sqs:DeleteMessage\",\"sqs:ChangeMessageVisibilityBatch\",\"sqs:ChangeMessageVisibility\"],\"Resource\":\"arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-production\"}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": null, + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "sqs:ChangeMessageVisibility", + "sqs:ChangeMessageVisibilityBatch", + "sqs:DeleteMessage", + "sqs:ReceiveMessage" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [], + "resources": [ + "arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-production" + ], + "sid": "" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.production_lambda.module.input_queue.module.input_queue", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "write_to_queue", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "2738586252", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"es-sns-to-sqs-policy\",\n \"Effect\": \"Allow\",\n \"Action\": \"sqs:SendMessage\",\n \"Resource\": \"arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-production\",\n \"Principal\": {\n \"AWS\": \"*\"\n },\n \"Condition\": {\n \"ArnEquals\": {\n \"aws:SourceArn\": \"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-production\"\n }\n }\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"es-sns-to-sqs-policy\",\"Effect\":\"Allow\",\"Action\":\"sqs:SendMessage\",\"Resource\":\"arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-production\",\"Principal\":{\"AWS\":\"*\"},\"Condition\":{\"ArnEquals\":{\"aws:SourceArn\":\"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-production\"}}}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": null, + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "sqs:SendMessage" + ], + "condition": [ + { + "test": "ArnEquals", + "values": [ + "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-production" + ], + "variable": "aws:SourceArn" + } + ], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [ + { + "identifiers": [ + "*" + ], + "type": "AWS" + } + ], + "resources": [ + "arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-production" + ], + "sid": "es-sns-to-sqs-policy" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.production_lambda.module.input_queue.module.input_queue", + "mode": "data", + "type": "aws_region", + "name": "current", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "description": "Europe (Ireland)", + "endpoint": "ec2.eu-west-1.amazonaws.com", + "id": "eu-west-1", + "name": "eu-west-1" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.production_lambda.module.input_queue.module.input_queue", + "mode": "managed", + "type": "aws_cloudwatch_metric_alarm", + "name": "dlq_not_empty", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 1, + "attributes": { + "actions_enabled": true, + "alarm_actions": [ + "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-production" + ], + "alarm_description": "", + "alarm_name": "transfer-shoots-production_dlq_not_empty", + "arn": "arn:aws:cloudwatch:eu-west-1:404315009621:alarm:transfer-shoots-production_dlq_not_empty", + "comparison_operator": "GreaterThanThreshold", + "datapoints_to_alarm": 0, + "dimensions": { + "QueueName": "transfer-shoots-production_dlq" + }, + "evaluate_low_sample_count_percentiles": "", + "evaluation_periods": 1, + "extended_statistic": "", + "id": "transfer-shoots-production_dlq_not_empty", + "insufficient_data_actions": [], + "metric_name": "ApproximateNumberOfMessagesVisible", + "metric_query": [], + "namespace": "AWS/SQS", + "ok_actions": [], + "period": 60, + "statistic": "Average", + "tags": {}, + "tags_all": {}, + "threshold": 0, + "threshold_metric_id": "", + "treat_missing_data": "missing", + "unit": "" + }, + "sensitive_attributes": [], + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjEifQ==", + "dependencies": [ + "module.production_lambda.module.input_queue.module.dlq_alarm_topic.aws_sns_topic.topic", + "module.production_lambda.module.input_queue.module.input_queue.aws_sqs_queue.dlq" + ] + } + ] + }, + { + "module": "module.production_lambda.module.input_queue.module.input_queue", + "mode": "managed", + "type": "aws_sns_topic_subscription", + "name": "sns_topic", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "arn": "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-production:2c909279-8913-4154-a8a1-617f442af1fb", + "confirmation_timeout_in_minutes": 1, + "confirmation_was_authenticated": true, + "delivery_policy": "", + "endpoint": "arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-production", + "endpoint_auto_confirms": false, + "filter_policy": "", + "filter_policy_scope": "", + "id": "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-production:2c909279-8913-4154-a8a1-617f442af1fb", + "owner_id": "404315009621", + "pending_confirmation": false, + "protocol": "sqs", + "raw_message_delivery": false, + "redrive_policy": "", + "replay_policy": "", + "subscription_role_arn": "", + "topic_arn": "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-production" + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.production_lambda.module.input_queue.module.input_queue.aws_sqs_queue.dlq", + "module.production_lambda.module.input_queue.module.input_queue.aws_sqs_queue.q", + "module.production_lambda.module.input_queue.module.input_queue.data.aws_caller_identity.current", + "module.production_lambda.module.input_queue.module.input_queue.data.aws_iam_policy_document.write_to_queue", + "module.production_lambda.module.input_queue.module.input_queue.data.aws_region.current", + "module.production_lambda.module.input_queue.module.transfer_shoots_topic.aws_sns_topic.topic" + ] + } + ] + }, + { + "module": "module.production_lambda.module.input_queue.module.input_queue", + "mode": "managed", + "type": "aws_sqs_queue", + "name": "dlq", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-production_dlq", + "content_based_deduplication": false, + "deduplication_scope": "", + "delay_seconds": 0, + "fifo_queue": false, + "fifo_throughput_limit": "", + "id": "https://sqs.eu-west-1.amazonaws.com/404315009621/transfer-shoots-production_dlq", + "kms_data_key_reuse_period_seconds": 300, + "kms_master_key_id": "", + "max_message_size": 262144, + "message_retention_seconds": 345600, + "name": "transfer-shoots-production_dlq", + "name_prefix": "", + "policy": "", + "receive_wait_time_seconds": 0, + "redrive_allow_policy": "", + "redrive_policy": "", + "sqs_managed_sse_enabled": true, + "tags": {}, + "tags_all": {}, + "url": "https://sqs.eu-west-1.amazonaws.com/404315009621/transfer-shoots-production_dlq", + "visibility_timeout_seconds": 30 + }, + "sensitive_attributes": [], + "private": "bnVsbA==" + } + ] + }, + { + "module": "module.production_lambda.module.input_queue.module.input_queue", + "mode": "managed", + "type": "aws_sqs_queue", + "name": "q", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-production", + "content_based_deduplication": false, + "deduplication_scope": "", + "delay_seconds": 0, + "fifo_queue": false, + "fifo_throughput_limit": "", + "id": "https://sqs.eu-west-1.amazonaws.com/404315009621/transfer-shoots-production", + "kms_data_key_reuse_period_seconds": 300, + "kms_master_key_id": "", + "max_message_size": 262144, + "message_retention_seconds": 1200, + "name": "transfer-shoots-production", + "name_prefix": "", + "policy": "{\"Statement\":[{\"Action\":\"sqs:SendMessage\",\"Condition\":{\"ArnEquals\":{\"aws:SourceArn\":\"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-production\"}},\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"*\"},\"Resource\":\"arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-production\",\"Sid\":\"es-sns-to-sqs-policy\"}],\"Version\":\"2012-10-17\"}", + "receive_wait_time_seconds": 0, + "redrive_allow_policy": "", + "redrive_policy": "{\"deadLetterTargetArn\":\"arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-production_dlq\",\"maxReceiveCount\":1}", + "sqs_managed_sse_enabled": true, + "tags": {}, + "tags_all": {}, + "url": "https://sqs.eu-west-1.amazonaws.com/404315009621/transfer-shoots-production", + "visibility_timeout_seconds": 160 + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.production_lambda.module.input_queue.module.input_queue.aws_sqs_queue.dlq", + "module.production_lambda.module.input_queue.module.input_queue.data.aws_caller_identity.current", + "module.production_lambda.module.input_queue.module.input_queue.data.aws_iam_policy_document.write_to_queue", + "module.production_lambda.module.input_queue.module.input_queue.data.aws_region.current", + "module.production_lambda.module.input_queue.module.transfer_shoots_topic.aws_sns_topic.topic" + ] + } + ] + }, + { + "module": "module.production_lambda.module.input_queue.module.transfer_shoots_topic", + "mode": "data", + "type": "aws_caller_identity", + "name": "current", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "account_id": "404315009621", + "arn": "arn:aws:sts::404315009621:assumed-role/digitisation-developer/aws-go-sdk-1721134354589563000", + "id": "404315009621", + "user_id": "AROAV4IYNOJKTCHJELIGZ:aws-go-sdk-1721134354589563000" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.production_lambda.module.input_queue.module.transfer_shoots_topic", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "cross_account_sns_topic_policy", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "3746585137", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Id\": \"__default_policy_ID\",\n \"Statement\": [\n {\n \"Sid\": \"__default_statement_ID\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"SNS:Subscribe\",\n \"SNS:SetTopicAttributes\",\n \"SNS:RemovePermission\",\n \"SNS:Receive\",\n \"SNS:Publish\",\n \"SNS:ListSubscriptionsByTopic\",\n \"SNS:GetTopicAttributes\",\n \"SNS:DeleteTopic\",\n \"SNS:AddPermission\"\n ],\n \"Resource\": \"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-production\",\n \"Principal\": {\n \"AWS\": \"*\"\n },\n \"Condition\": {\n \"StringEquals\": {\n \"AWS:SourceOwner\": \"404315009621\"\n }\n }\n },\n {\n \"Sid\": \"ReportingAccess\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"SNS:Subscribe\",\n \"SNS:SetTopicAttributes\",\n \"SNS:Receive\",\n \"SNS:ListSubscriptionsByTopic\",\n \"SNS:GetTopicAttributes\"\n ],\n \"Resource\": \"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-production\",\n \"Principal\": {\n \"AWS\": []\n }\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Id\":\"__default_policy_ID\",\"Statement\":[{\"Sid\":\"__default_statement_ID\",\"Effect\":\"Allow\",\"Action\":[\"SNS:Subscribe\",\"SNS:SetTopicAttributes\",\"SNS:RemovePermission\",\"SNS:Receive\",\"SNS:Publish\",\"SNS:ListSubscriptionsByTopic\",\"SNS:GetTopicAttributes\",\"SNS:DeleteTopic\",\"SNS:AddPermission\"],\"Resource\":\"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-production\",\"Principal\":{\"AWS\":\"*\"},\"Condition\":{\"StringEquals\":{\"AWS:SourceOwner\":\"404315009621\"}}},{\"Sid\":\"ReportingAccess\",\"Effect\":\"Allow\",\"Action\":[\"SNS:Subscribe\",\"SNS:SetTopicAttributes\",\"SNS:Receive\",\"SNS:ListSubscriptionsByTopic\",\"SNS:GetTopicAttributes\"],\"Resource\":\"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-production\",\"Principal\":{\"AWS\":[]}}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": "__default_policy_ID", + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "SNS:AddPermission", + "SNS:DeleteTopic", + "SNS:GetTopicAttributes", + "SNS:ListSubscriptionsByTopic", + "SNS:Publish", + "SNS:Receive", + "SNS:RemovePermission", + "SNS:SetTopicAttributes", + "SNS:Subscribe" + ], + "condition": [ + { + "test": "StringEquals", + "values": [ + "404315009621" + ], + "variable": "AWS:SourceOwner" + } + ], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [ + { + "identifiers": [ + "*" + ], + "type": "AWS" + } + ], + "resources": [ + "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-production" + ], + "sid": "__default_statement_ID" + }, + { + "actions": [ + "SNS:GetTopicAttributes", + "SNS:ListSubscriptionsByTopic", + "SNS:Receive", + "SNS:SetTopicAttributes", + "SNS:Subscribe" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [ + { + "identifiers": [], + "type": "AWS" + } + ], + "resources": [ + "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-production" + ], + "sid": "ReportingAccess" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.production_lambda.module.input_queue.module.transfer_shoots_topic", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "publish_to_topic", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "551570421", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": \"sns:Publish\",\n \"Resource\": \"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-production\"\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Action\":\"sns:Publish\",\"Resource\":\"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-production\"}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": null, + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "sns:Publish" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [], + "resources": [ + "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-production" + ], + "sid": "" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.production_lambda.module.input_queue.module.transfer_shoots_topic", + "mode": "managed", + "type": "aws_sns_topic", + "name": "topic", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "application_failure_feedback_role_arn": "", + "application_success_feedback_role_arn": "", + "application_success_feedback_sample_rate": 0, + "archive_policy": "", + "arn": "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-production", + "beginning_archive_time": "", + "content_based_deduplication": false, + "delivery_policy": "", + "display_name": "", + "fifo_topic": false, + "firehose_failure_feedback_role_arn": "", + "firehose_success_feedback_role_arn": "", + "firehose_success_feedback_sample_rate": 0, + "http_failure_feedback_role_arn": "", + "http_success_feedback_role_arn": "", + "http_success_feedback_sample_rate": 0, + "id": "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-production", + "kms_master_key_id": "", + "lambda_failure_feedback_role_arn": "", + "lambda_success_feedback_role_arn": "", + "lambda_success_feedback_sample_rate": 0, + "name": "transfer-shoots-production", + "name_prefix": "", + "owner": "404315009621", + "policy": "{\"Id\":\"__default_policy_ID\",\"Statement\":[{\"Action\":[\"SNS:GetTopicAttributes\",\"SNS:SetTopicAttributes\",\"SNS:AddPermission\",\"SNS:RemovePermission\",\"SNS:DeleteTopic\",\"SNS:Subscribe\",\"SNS:ListSubscriptionsByTopic\",\"SNS:Publish\"],\"Condition\":{\"StringEquals\":{\"AWS:SourceOwner\":\"404315009621\"}},\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"*\"},\"Resource\":\"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-production\",\"Sid\":\"__default_statement_ID\"}],\"Version\":\"2008-10-17\"}", + "signature_version": 0, + "sqs_failure_feedback_role_arn": "", + "sqs_success_feedback_role_arn": "", + "sqs_success_feedback_sample_rate": 0, + "tags": {}, + "tags_all": {}, + "tracing_config": "" + }, + "sensitive_attributes": [], + "private": "bnVsbA==" + } + ] + }, + { + "module": "module.production_lambda.module.transfer_lambda", + "mode": "managed", + "type": "aws_iam_role_policy", + "name": "read_from_editorial_photography", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "lambda-role-editorial-photography-transfer-production:read_from_editorial_photography-production", + "name": "read_from_editorial_photography-production", + "name_prefix": "", + "policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Action\":[\"s3:GetObject\",\"s3:ListBucket\"],\"Effect\":\"Allow\",\"Resource\":[\"arn:aws:s3:::wellcomecollection-editorial-photography\",\"arn:aws:s3:::wellcomecollection-editorial-photography/*\"]}]}", + "role": "lambda-role-editorial-photography-transfer-production" + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.aws_iam_role.lambda", + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_iam_policy_document.lambda_assume_role" + ] + } + ] + }, + { + "module": "module.production_lambda.module.transfer_lambda", + "mode": "managed", + "type": "aws_iam_role_policy", + "name": "write_to_archivematica_transfer_source", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "lambda-role-editorial-photography-transfer-production:write_to_archivematica_transfer_source-production", + "name": "write_to_archivematica_transfer_source-production", + "name_prefix": "", + "policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Action\":\"s3:PutObject\",\"Effect\":\"Allow\",\"Resource\":\"arn:aws:s3:::wellcomecollection-archivematica-transfer-source/*\"}]}", + "role": "lambda-role-editorial-photography-transfer-production" + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.aws_iam_role.lambda", + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_iam_policy_document.lambda_assume_role" + ] + } + ] + }, + { + "module": "module.production_lambda.module.transfer_lambda.module.transfer_lambda", + "mode": "data", + "type": "aws_caller_identity", + "name": "account", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "account_id": "404315009621", + "arn": "arn:aws:sts::404315009621:assumed-role/digitisation-developer/aws-go-sdk-1721134354589563000", + "id": "404315009621", + "user_id": "AROAV4IYNOJKTCHJELIGZ:aws-go-sdk-1721134354589563000" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.production_lambda.module.transfer_lambda.module.transfer_lambda", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "lambda_assume_role", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "2690255455", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"lambda.amazonaws.com\"\n }\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Action\":\"sts:AssumeRole\",\"Principal\":{\"Service\":\"lambda.amazonaws.com\"}}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": null, + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "sts:AssumeRole" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [ + { + "identifiers": [ + "lambda.amazonaws.com" + ], + "type": "Service" + } + ], + "resources": [], + "sid": "" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.production_lambda.module.transfer_lambda.module.transfer_lambda", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "lambda_logging", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "3070120303", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": \"logs:CreateLogGroup\",\n \"Resource\": \"arn:aws:logs:region:404315009621:*\"\n },\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"logs:PutLogEvents\",\n \"logs:CreateLogStream\"\n ],\n \"Resource\": \"arn:aws:logs:eu-west-1:404315009621:log-group:/aws/lambda/editorial-photography-transfer-production:*\"\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Action\":\"logs:CreateLogGroup\",\"Resource\":\"arn:aws:logs:region:404315009621:*\"},{\"Effect\":\"Allow\",\"Action\":[\"logs:PutLogEvents\",\"logs:CreateLogStream\"],\"Resource\":\"arn:aws:logs:eu-west-1:404315009621:log-group:/aws/lambda/editorial-photography-transfer-production:*\"}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": null, + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "logs:CreateLogGroup" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [], + "resources": [ + "arn:aws:logs:region:404315009621:*" + ], + "sid": "" + }, + { + "actions": [ + "logs:CreateLogStream", + "logs:PutLogEvents" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [], + "resources": [ + "arn:aws:logs:eu-west-1:404315009621:log-group:/aws/lambda/editorial-photography-transfer-production:*" + ], + "sid": "" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.production_lambda.module.transfer_lambda.module.transfer_lambda", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "network_interface", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "2032075453", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ec2:DescribeNetworkInterfaces\",\n \"ec2:DeleteNetworkInterface\",\n \"ec2:CreateNetworkInterface\"\n ],\n \"Resource\": \"*\"\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Action\":[\"ec2:DescribeNetworkInterfaces\",\"ec2:DeleteNetworkInterface\",\"ec2:CreateNetworkInterface\"],\"Resource\":\"*\"}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": null, + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "ec2:CreateNetworkInterface", + "ec2:DeleteNetworkInterface", + "ec2:DescribeNetworkInterfaces" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [], + "resources": [ + "*" + ], + "sid": "" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.production_lambda.module.transfer_lambda.module.transfer_lambda", + "mode": "data", + "type": "aws_ssm_parameter", + "name": "log_destination", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:ssm:eu-west-1:404315009621:parameter/logging/forwarder/destination_arn", + "id": "/logging/forwarder/destination_arn", + "insecure_value": "arn:aws:logs:eu-west-1:760097843905:destination:elasticsearch-forwarder-logs", + "name": "/logging/forwarder/destination_arn", + "type": "String", + "value": "arn:aws:logs:eu-west-1:760097843905:destination:elasticsearch-forwarder-logs", + "version": 1, + "with_decryption": true + }, + "sensitive_attributes": [ + [ + { + "type": "get_attr", + "value": "value" + } + ] + ] + } + ] + }, + { + "module": "module.production_lambda.module.transfer_lambda.module.transfer_lambda", + "mode": "managed", + "type": "aws_cloudwatch_log_group", + "name": "lambda", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:logs:eu-west-1:404315009621:log-group:/aws/lambda/editorial-photography-transfer-production", + "id": "/aws/lambda/editorial-photography-transfer-production", + "kms_key_id": "", + "log_group_class": "STANDARD", + "name": "/aws/lambda/editorial-photography-transfer-production", + "name_prefix": "", + "retention_in_days": 1, + "skip_destroy": false, + "tags": {}, + "tags_all": {} + }, + "sensitive_attributes": [], + "private": "bnVsbA==" + } + ] + }, + { + "module": "module.production_lambda.module.transfer_lambda.module.transfer_lambda", + "mode": "managed", + "type": "aws_cloudwatch_log_subscription_filter", + "name": "kinesis", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": "lambda-logs-to-kinesis", + "schema_version": 0, + "attributes": { + "destination_arn": "arn:aws:logs:eu-west-1:760097843905:destination:elasticsearch-forwarder-logs", + "distribution": "ByLogStream", + "filter_pattern": "", + "id": "cwlsf-445002994", + "log_group_name": "/aws/lambda/editorial-photography-transfer-production", + "name": "lambda-logs-to-kinesis", + "role_arn": "" + }, + "sensitive_attributes": [ + [ + { + "type": "get_attr", + "value": "destination_arn" + } + ] + ], + "private": "bnVsbA==", + "dependencies": [ + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.aws_cloudwatch_log_group.lambda", + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_ssm_parameter.log_destination" + ] + } + ] + }, + { + "module": "module.production_lambda.module.transfer_lambda.module.transfer_lambda", + "mode": "managed", + "type": "aws_iam_policy", + "name": "lambda_logging", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:iam::404315009621:policy/lambda-logging-editorial-photography-transfer-production", + "attachment_count": 1, + "description": "Allow the editorial-photography-transfer-production Lambda to send logs to CloudWatch", + "id": "arn:aws:iam::404315009621:policy/lambda-logging-editorial-photography-transfer-production", + "name": "lambda-logging-editorial-photography-transfer-production", + "name_prefix": "", + "path": "/", + "policy": "{\"Statement\":[{\"Action\":\"logs:CreateLogGroup\",\"Effect\":\"Allow\",\"Resource\":\"arn:aws:logs:region:404315009621:*\"},{\"Action\":[\"logs:PutLogEvents\",\"logs:CreateLogStream\"],\"Effect\":\"Allow\",\"Resource\":\"arn:aws:logs:eu-west-1:404315009621:log-group:/aws/lambda/editorial-photography-transfer-production:*\"}],\"Version\":\"2012-10-17\"}", + "policy_id": "ANPAV4IYNOJKREQUT7Z66", + "tags": {}, + "tags_all": {} + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.aws_cloudwatch_log_group.lambda", + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_caller_identity.account", + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_iam_policy_document.lambda_logging" + ] + } + ] + }, + { + "module": "module.production_lambda.module.transfer_lambda.module.transfer_lambda", + "mode": "managed", + "type": "aws_iam_role", + "name": "lambda", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:iam::404315009621:role/lambda-role-editorial-photography-transfer-production", + "assume_role_policy": "{\"Statement\":[{\"Action\":\"sts:AssumeRole\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"lambda.amazonaws.com\"}}],\"Version\":\"2012-10-17\"}", + "create_date": "2024-07-15T14:14:40Z", + "description": "", + "force_detach_policies": false, + "id": "lambda-role-editorial-photography-transfer-production", + "inline_policy": [ + { + "name": "editorial-photography-production-pull-from-queue", + "policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Action\":[\"sqs:ReceiveMessage\",\"sqs:GetQueueAttributes\",\"sqs:DeleteMessage\"],\"Effect\":\"Allow\",\"Resource\":\"arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-production\"}]}" + }, + { + "name": "terraform-20240715141440672300000001", + "policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Action\":[\"s3:GetObject\",\"s3:ListBucket\"],\"Effect\":\"Allow\",\"Resource\":\"arn:aws:s3:::wellcomecollection-editorial-photography\"}]}" + }, + { + "name": "write_to_archivematica_transfer_source-production", + "policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Action\":\"s3:PutObject\",\"Effect\":\"Allow\",\"Resource\":\"arn:aws:s3:::wellcomecollection-archivematica-transfer-source/*\"}]}" + } + ], + "managed_policy_arns": [ + "arn:aws:iam::404315009621:policy/lambda-logging-editorial-photography-transfer-production" + ], + "max_session_duration": 3600, + "name": "lambda-role-editorial-photography-transfer-production", + "name_prefix": "", + "path": "/", + "permissions_boundary": "", + "tags": {}, + "tags_all": {}, + "unique_id": "AROAV4IYNOJKZW7JWPDCL" + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_iam_policy_document.lambda_assume_role" + ] + } + ] + }, + { + "module": "module.production_lambda.module.transfer_lambda.module.transfer_lambda", + "mode": "managed", + "type": "aws_iam_role_policy_attachment", + "name": "lambda_logging", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "lambda-role-editorial-photography-transfer-production-20240715141441102300000003", + "policy_arn": "arn:aws:iam::404315009621:policy/lambda-logging-editorial-photography-transfer-production", + "role": "lambda-role-editorial-photography-transfer-production" + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.aws_cloudwatch_log_group.lambda", + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.aws_iam_policy.lambda_logging", + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.aws_iam_role.lambda", + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_caller_identity.account", + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_iam_policy_document.lambda_assume_role", + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_iam_policy_document.lambda_logging" + ] + } + ] + }, + { + "module": "module.production_lambda.module.transfer_lambda.module.transfer_lambda", + "mode": "managed", + "type": "aws_lambda_function", + "name": "main", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "architectures": [ + "x86_64" + ], + "arn": "arn:aws:lambda:eu-west-1:404315009621:function:editorial-photography-transfer-production", + "code_sha256": "6+Zdzy6IxAzcFVue7NkJR09+ZcqmMSfKPH7F4WsrtMU=", + "code_signing_config_arn": "", + "dead_letter_config": [], + "description": "", + "environment": [ + { + "variables": { + "ACCESSION_NUMBER": "2754", + "TARGET_BUCKET": "wellcomecollection-archivematica-transfer-source" + } + } + ], + "ephemeral_storage": [ + { + "size": 512 + } + ], + "file_system_config": [], + "filename": "./lambda.zip", + "function_name": "editorial-photography-transfer-production", + "handler": "lambda_function.lambda_handler", + "id": "editorial-photography-transfer-production", + "image_config": [], + "image_uri": "", + "invoke_arn": "arn:aws:apigateway:eu-west-1:lambda:path/2015-03-31/functions/arn:aws:lambda:eu-west-1:404315009621:function:editorial-photography-transfer-production/invocations", + "kms_key_arn": "", + "last_modified": "2024-07-16T12:25:54.000+0000", + "layers": [], + "logging_config": [ + { + "application_log_level": "", + "log_format": "Text", + "log_group": "/aws/lambda/editorial-photography-transfer-production", + "system_log_level": "" + } + ], + "memory_size": 512, + "package_type": "Zip", + "publish": false, + "qualified_arn": "arn:aws:lambda:eu-west-1:404315009621:function:editorial-photography-transfer-production:$LATEST", + "qualified_invoke_arn": "arn:aws:apigateway:eu-west-1:lambda:path/2015-03-31/functions/arn:aws:lambda:eu-west-1:404315009621:function:editorial-photography-transfer-production:$LATEST/invocations", + "replace_security_groups_on_destroy": null, + "replacement_security_group_ids": null, + "reserved_concurrent_executions": -1, + "role": "arn:aws:iam::404315009621:role/lambda-role-editorial-photography-transfer-production", + "runtime": "python3.12", + "s3_bucket": null, + "s3_key": null, + "s3_object_version": null, + "signing_job_arn": "", + "signing_profile_version_arn": "", + "skip_destroy": false, + "snap_start": [], + "source_code_hash": "6+Zdzy6IxAzcFVue7NkJR09+ZcqmMSfKPH7F4WsrtMU=", + "source_code_size": 29824, + "tags": {}, + "tags_all": {}, + "timeout": 120, + "timeouts": null, + "tracing_config": [ + { + "mode": "PassThrough" + } + ], + "version": "$LATEST", + "vpc_config": [] + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19", + "dependencies": [ + "data.archive_file.lambda_zip", + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.aws_iam_role.lambda", + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_iam_policy_document.lambda_assume_role" + ] + } + ] + }, + { + "module": "module.production_lambda.module.trigger", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "allow_sqs_pull", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "2608286902", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"sqs:ReceiveMessage\",\n \"sqs:GetQueueAttributes\",\n \"sqs:DeleteMessage\"\n ],\n \"Resource\": \"arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-production\"\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Action\":[\"sqs:ReceiveMessage\",\"sqs:GetQueueAttributes\",\"sqs:DeleteMessage\"],\"Resource\":\"arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-production\"}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": null, + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "sqs:DeleteMessage", + "sqs:GetQueueAttributes", + "sqs:ReceiveMessage" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [], + "resources": [ + "arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-production" + ], + "sid": "" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.production_lambda.module.trigger", + "mode": "managed", + "type": "aws_iam_role_policy", + "name": "allow_sqs_pull", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "lambda-role-editorial-photography-transfer-production:editorial-photography-production-pull-from-queue", + "name": "editorial-photography-production-pull-from-queue", + "name_prefix": "", + "policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Action\":[\"sqs:ReceiveMessage\",\"sqs:GetQueueAttributes\",\"sqs:DeleteMessage\"],\"Effect\":\"Allow\",\"Resource\":\"arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-production\"}]}", + "role": "lambda-role-editorial-photography-transfer-production" + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.production_lambda.module.input_queue.module.input_queue.aws_sqs_queue.dlq", + "module.production_lambda.module.input_queue.module.input_queue.aws_sqs_queue.q", + "module.production_lambda.module.input_queue.module.input_queue.data.aws_caller_identity.current", + "module.production_lambda.module.input_queue.module.input_queue.data.aws_iam_policy_document.write_to_queue", + "module.production_lambda.module.input_queue.module.input_queue.data.aws_region.current", + "module.production_lambda.module.input_queue.module.transfer_shoots_topic.aws_sns_topic.topic", + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.aws_iam_role.lambda", + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_iam_policy_document.lambda_assume_role", + "module.production_lambda.module.trigger.data.aws_iam_policy_document.allow_sqs_pull" + ] + } + ] + }, + { + "module": "module.production_lambda.module.trigger", + "mode": "managed", + "type": "aws_lambda_event_source_mapping", + "name": "lambda_trigger", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "amazon_managed_kafka_event_source_config": [], + "batch_size": 1, + "bisect_batch_on_function_error": false, + "destination_config": [], + "document_db_event_source_config": [], + "enabled": true, + "event_source_arn": "arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-production", + "filter_criteria": [], + "function_arn": "arn:aws:lambda:eu-west-1:404315009621:function:editorial-photography-transfer-production", + "function_name": "arn:aws:lambda:eu-west-1:404315009621:function:editorial-photography-transfer-production", + "function_response_types": [], + "id": "5b4798fd-d285-4dd4-b065-e5d735743e66", + "last_modified": "2024-07-15T14:26:13Z", + "last_processing_result": "", + "maximum_batching_window_in_seconds": 0, + "maximum_record_age_in_seconds": 0, + "maximum_retry_attempts": 0, + "parallelization_factor": 0, + "queues": [], + "scaling_config": [], + "self_managed_event_source": [], + "self_managed_kafka_event_source_config": [], + "source_access_configuration": [], + "starting_position": "", + "starting_position_timestamp": "", + "state": "Enabled", + "state_transition_reason": "USER_INITIATED", + "topics": [], + "tumbling_window_in_seconds": 0, + "uuid": "5b4798fd-d285-4dd4-b065-e5d735743e66" + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "data.archive_file.lambda_zip", + "module.production_lambda.module.input_queue.module.input_queue.aws_sqs_queue.dlq", + "module.production_lambda.module.input_queue.module.input_queue.aws_sqs_queue.q", + "module.production_lambda.module.input_queue.module.input_queue.data.aws_caller_identity.current", + "module.production_lambda.module.input_queue.module.input_queue.data.aws_iam_policy_document.write_to_queue", + "module.production_lambda.module.input_queue.module.input_queue.data.aws_region.current", + "module.production_lambda.module.input_queue.module.transfer_shoots_topic.aws_sns_topic.topic", + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.aws_iam_role.lambda", + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.aws_lambda_function.main", + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_iam_policy_document.lambda_assume_role" + ] + } + ] + }, + { + "module": "module.production_lambda.module.trigger", + "mode": "managed", + "type": "aws_lambda_permission", + "name": "allow_lambda_sqs_trigger", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "action": "lambda:InvokeFunction", + "event_source_token": null, + "function_name": "editorial-photography-transfer-production", + "function_url_auth_type": null, + "id": "terraform-20240715141530727400000006", + "principal": "sqs.amazonaws.com", + "principal_org_id": null, + "qualifier": "", + "source_account": null, + "source_arn": "arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-production", + "statement_id": "terraform-20240715141530727400000006", + "statement_id_prefix": "terraform-" + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "data.archive_file.lambda_zip", + "module.production_lambda.module.input_queue.module.input_queue.aws_sqs_queue.dlq", + "module.production_lambda.module.input_queue.module.input_queue.aws_sqs_queue.q", + "module.production_lambda.module.input_queue.module.input_queue.data.aws_caller_identity.current", + "module.production_lambda.module.input_queue.module.input_queue.data.aws_iam_policy_document.write_to_queue", + "module.production_lambda.module.input_queue.module.input_queue.data.aws_region.current", + "module.production_lambda.module.input_queue.module.transfer_shoots_topic.aws_sns_topic.topic", + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.aws_iam_role.lambda", + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.aws_lambda_function.main", + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_iam_policy_document.lambda_assume_role" + ] + } + ] + }, + { + "module": "module.staging_lambda.module.input_queue.module.dlq_alarm_topic", + "mode": "data", + "type": "aws_caller_identity", + "name": "current", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "account_id": "404315009621", + "arn": "arn:aws:sts::404315009621:assumed-role/digitisation-developer/aws-go-sdk-1721134354589563000", + "id": "404315009621", + "user_id": "AROAV4IYNOJKTCHJELIGZ:aws-go-sdk-1721134354589563000" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.staging_lambda.module.input_queue.module.dlq_alarm_topic", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "cross_account_sns_topic_policy", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "933436621", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Id\": \"__default_policy_ID\",\n \"Statement\": [\n {\n \"Sid\": \"__default_statement_ID\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"SNS:Subscribe\",\n \"SNS:SetTopicAttributes\",\n \"SNS:RemovePermission\",\n \"SNS:Receive\",\n \"SNS:Publish\",\n \"SNS:ListSubscriptionsByTopic\",\n \"SNS:GetTopicAttributes\",\n \"SNS:DeleteTopic\",\n \"SNS:AddPermission\"\n ],\n \"Resource\": \"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-staging\",\n \"Principal\": {\n \"AWS\": \"*\"\n },\n \"Condition\": {\n \"StringEquals\": {\n \"AWS:SourceOwner\": \"404315009621\"\n }\n }\n },\n {\n \"Sid\": \"ReportingAccess\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"SNS:Subscribe\",\n \"SNS:SetTopicAttributes\",\n \"SNS:Receive\",\n \"SNS:ListSubscriptionsByTopic\",\n \"SNS:GetTopicAttributes\"\n ],\n \"Resource\": \"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-staging\",\n \"Principal\": {\n \"AWS\": []\n }\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Id\":\"__default_policy_ID\",\"Statement\":[{\"Sid\":\"__default_statement_ID\",\"Effect\":\"Allow\",\"Action\":[\"SNS:Subscribe\",\"SNS:SetTopicAttributes\",\"SNS:RemovePermission\",\"SNS:Receive\",\"SNS:Publish\",\"SNS:ListSubscriptionsByTopic\",\"SNS:GetTopicAttributes\",\"SNS:DeleteTopic\",\"SNS:AddPermission\"],\"Resource\":\"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-staging\",\"Principal\":{\"AWS\":\"*\"},\"Condition\":{\"StringEquals\":{\"AWS:SourceOwner\":\"404315009621\"}}},{\"Sid\":\"ReportingAccess\",\"Effect\":\"Allow\",\"Action\":[\"SNS:Subscribe\",\"SNS:SetTopicAttributes\",\"SNS:Receive\",\"SNS:ListSubscriptionsByTopic\",\"SNS:GetTopicAttributes\"],\"Resource\":\"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-staging\",\"Principal\":{\"AWS\":[]}}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": "__default_policy_ID", + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "SNS:AddPermission", + "SNS:DeleteTopic", + "SNS:GetTopicAttributes", + "SNS:ListSubscriptionsByTopic", + "SNS:Publish", + "SNS:Receive", + "SNS:RemovePermission", + "SNS:SetTopicAttributes", + "SNS:Subscribe" + ], + "condition": [ + { + "test": "StringEquals", + "values": [ + "404315009621" + ], + "variable": "AWS:SourceOwner" + } + ], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [ + { + "identifiers": [ + "*" + ], + "type": "AWS" + } + ], + "resources": [ + "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-staging" + ], + "sid": "__default_statement_ID" + }, + { + "actions": [ + "SNS:GetTopicAttributes", + "SNS:ListSubscriptionsByTopic", + "SNS:Receive", + "SNS:SetTopicAttributes", + "SNS:Subscribe" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [ + { + "identifiers": [], + "type": "AWS" + } + ], + "resources": [ + "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-staging" + ], + "sid": "ReportingAccess" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.staging_lambda.module.input_queue.module.dlq_alarm_topic", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "publish_to_topic", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "2847489774", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": \"sns:Publish\",\n \"Resource\": \"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-staging\"\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Action\":\"sns:Publish\",\"Resource\":\"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-staging\"}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": null, + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "sns:Publish" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [], + "resources": [ + "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-staging" + ], + "sid": "" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.staging_lambda.module.input_queue.module.dlq_alarm_topic", + "mode": "managed", + "type": "aws_sns_topic", + "name": "topic", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "application_failure_feedback_role_arn": "", + "application_success_feedback_role_arn": "", + "application_success_feedback_sample_rate": 0, + "archive_policy": "", + "arn": "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-staging", + "beginning_archive_time": "", + "content_based_deduplication": false, + "delivery_policy": "", + "display_name": "", + "fifo_topic": false, + "firehose_failure_feedback_role_arn": "", + "firehose_success_feedback_role_arn": "", + "firehose_success_feedback_sample_rate": 0, + "http_failure_feedback_role_arn": "", + "http_success_feedback_role_arn": "", + "http_success_feedback_sample_rate": 0, + "id": "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-staging", + "kms_master_key_id": "", + "lambda_failure_feedback_role_arn": "", + "lambda_success_feedback_role_arn": "", + "lambda_success_feedback_sample_rate": 0, + "name": "transfer-shoots-alarm-staging", + "name_prefix": "", + "owner": "404315009621", + "policy": "{\"Id\":\"__default_policy_ID\",\"Statement\":[{\"Action\":[\"SNS:GetTopicAttributes\",\"SNS:SetTopicAttributes\",\"SNS:AddPermission\",\"SNS:RemovePermission\",\"SNS:DeleteTopic\",\"SNS:Subscribe\",\"SNS:ListSubscriptionsByTopic\",\"SNS:Publish\"],\"Condition\":{\"StringEquals\":{\"AWS:SourceOwner\":\"404315009621\"}},\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"*\"},\"Resource\":\"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-staging\",\"Sid\":\"__default_statement_ID\"}],\"Version\":\"2008-10-17\"}", + "signature_version": 0, + "sqs_failure_feedback_role_arn": "", + "sqs_success_feedback_role_arn": "", + "sqs_success_feedback_sample_rate": 0, + "tags": {}, + "tags_all": {}, + "tracing_config": "" + }, + "sensitive_attributes": [], + "private": "bnVsbA==" + } + ] + }, + { + "module": "module.staging_lambda.module.input_queue.module.input_queue", + "mode": "data", + "type": "aws_caller_identity", + "name": "current", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "account_id": "404315009621", + "arn": "arn:aws:sts::404315009621:assumed-role/digitisation-developer/aws-go-sdk-1721134354589563000", + "id": "404315009621", + "user_id": "AROAV4IYNOJKTCHJELIGZ:aws-go-sdk-1721134354589563000" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.staging_lambda.module.input_queue.module.input_queue", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "read_from_queue", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "1466361473", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"sqs:ReceiveMessage\",\n \"sqs:DeleteMessage\",\n \"sqs:ChangeMessageVisibilityBatch\",\n \"sqs:ChangeMessageVisibility\"\n ],\n \"Resource\": \"arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-staging\"\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Action\":[\"sqs:ReceiveMessage\",\"sqs:DeleteMessage\",\"sqs:ChangeMessageVisibilityBatch\",\"sqs:ChangeMessageVisibility\"],\"Resource\":\"arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-staging\"}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": null, + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "sqs:ChangeMessageVisibility", + "sqs:ChangeMessageVisibilityBatch", + "sqs:DeleteMessage", + "sqs:ReceiveMessage" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [], + "resources": [ + "arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-staging" + ], + "sid": "" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.staging_lambda.module.input_queue.module.input_queue", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "write_to_queue", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "1273799732", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"es-sns-to-sqs-policy\",\n \"Effect\": \"Allow\",\n \"Action\": \"sqs:SendMessage\",\n \"Resource\": \"arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-staging\",\n \"Principal\": {\n \"AWS\": \"*\"\n },\n \"Condition\": {\n \"ArnEquals\": {\n \"aws:SourceArn\": \"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-staging\"\n }\n }\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"es-sns-to-sqs-policy\",\"Effect\":\"Allow\",\"Action\":\"sqs:SendMessage\",\"Resource\":\"arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-staging\",\"Principal\":{\"AWS\":\"*\"},\"Condition\":{\"ArnEquals\":{\"aws:SourceArn\":\"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-staging\"}}}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": null, + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "sqs:SendMessage" + ], + "condition": [ + { + "test": "ArnEquals", + "values": [ + "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-staging" + ], + "variable": "aws:SourceArn" + } + ], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [ + { + "identifiers": [ + "*" + ], + "type": "AWS" + } + ], + "resources": [ + "arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-staging" + ], + "sid": "es-sns-to-sqs-policy" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.staging_lambda.module.input_queue.module.input_queue", + "mode": "data", + "type": "aws_region", + "name": "current", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "description": "Europe (Ireland)", + "endpoint": "ec2.eu-west-1.amazonaws.com", + "id": "eu-west-1", + "name": "eu-west-1" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.staging_lambda.module.input_queue.module.input_queue", + "mode": "managed", + "type": "aws_cloudwatch_metric_alarm", + "name": "dlq_not_empty", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 1, + "attributes": { + "actions_enabled": true, + "alarm_actions": [ + "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-staging" + ], + "alarm_description": "", + "alarm_name": "transfer-shoots-staging_dlq_not_empty", + "arn": "arn:aws:cloudwatch:eu-west-1:404315009621:alarm:transfer-shoots-staging_dlq_not_empty", + "comparison_operator": "GreaterThanThreshold", + "datapoints_to_alarm": 0, + "dimensions": { + "QueueName": "transfer-shoots-staging_dlq" + }, + "evaluate_low_sample_count_percentiles": "", + "evaluation_periods": 1, + "extended_statistic": "", + "id": "transfer-shoots-staging_dlq_not_empty", + "insufficient_data_actions": [], + "metric_name": "ApproximateNumberOfMessagesVisible", + "metric_query": [], + "namespace": "AWS/SQS", + "ok_actions": [], + "period": 60, + "statistic": "Average", + "tags": {}, + "tags_all": {}, + "threshold": 0, + "threshold_metric_id": "", + "treat_missing_data": "missing", + "unit": "" + }, + "sensitive_attributes": [], + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjEifQ==", + "dependencies": [ + "module.staging_lambda.module.input_queue.module.dlq_alarm_topic.aws_sns_topic.topic", + "module.staging_lambda.module.input_queue.module.input_queue.aws_sqs_queue.dlq" + ] + } + ] + }, + { + "module": "module.staging_lambda.module.input_queue.module.input_queue", + "mode": "managed", + "type": "aws_sns_topic_subscription", + "name": "sns_topic", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "arn": "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-staging:67cf1855-0bee-491c-a9ef-d21c48490347", + "confirmation_timeout_in_minutes": 1, + "confirmation_was_authenticated": true, + "delivery_policy": "", + "endpoint": "arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-staging", + "endpoint_auto_confirms": false, + "filter_policy": "", + "filter_policy_scope": "", + "id": "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-staging:67cf1855-0bee-491c-a9ef-d21c48490347", + "owner_id": "404315009621", + "pending_confirmation": false, + "protocol": "sqs", + "raw_message_delivery": false, + "redrive_policy": "", + "replay_policy": "", + "subscription_role_arn": "", + "topic_arn": "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-staging" + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.staging_lambda.module.input_queue.module.input_queue.aws_sqs_queue.dlq", + "module.staging_lambda.module.input_queue.module.input_queue.aws_sqs_queue.q", + "module.staging_lambda.module.input_queue.module.input_queue.data.aws_caller_identity.current", + "module.staging_lambda.module.input_queue.module.input_queue.data.aws_iam_policy_document.write_to_queue", + "module.staging_lambda.module.input_queue.module.input_queue.data.aws_region.current", + "module.staging_lambda.module.input_queue.module.transfer_shoots_topic.aws_sns_topic.topic" + ] + } + ] + }, + { + "module": "module.staging_lambda.module.input_queue.module.input_queue", + "mode": "managed", + "type": "aws_sqs_queue", + "name": "dlq", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-staging_dlq", + "content_based_deduplication": false, + "deduplication_scope": "", + "delay_seconds": 0, + "fifo_queue": false, + "fifo_throughput_limit": "", + "id": "https://sqs.eu-west-1.amazonaws.com/404315009621/transfer-shoots-staging_dlq", + "kms_data_key_reuse_period_seconds": 300, + "kms_master_key_id": "", + "max_message_size": 262144, + "message_retention_seconds": 345600, + "name": "transfer-shoots-staging_dlq", + "name_prefix": "", + "policy": "", + "receive_wait_time_seconds": 0, + "redrive_allow_policy": "", + "redrive_policy": "", + "sqs_managed_sse_enabled": true, + "tags": {}, + "tags_all": {}, + "url": "https://sqs.eu-west-1.amazonaws.com/404315009621/transfer-shoots-staging_dlq", + "visibility_timeout_seconds": 30 + }, + "sensitive_attributes": [], + "private": "bnVsbA==" + } + ] + }, + { + "module": "module.staging_lambda.module.input_queue.module.input_queue", + "mode": "managed", + "type": "aws_sqs_queue", + "name": "q", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-staging", + "content_based_deduplication": false, + "deduplication_scope": "", + "delay_seconds": 0, + "fifo_queue": false, + "fifo_throughput_limit": "", + "id": "https://sqs.eu-west-1.amazonaws.com/404315009621/transfer-shoots-staging", + "kms_data_key_reuse_period_seconds": 300, + "kms_master_key_id": "", + "max_message_size": 262144, + "message_retention_seconds": 1200, + "name": "transfer-shoots-staging", + "name_prefix": "", + "policy": "{\"Statement\":[{\"Action\":\"sqs:SendMessage\",\"Condition\":{\"ArnEquals\":{\"aws:SourceArn\":\"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-staging\"}},\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"*\"},\"Resource\":\"arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-staging\",\"Sid\":\"es-sns-to-sqs-policy\"}],\"Version\":\"2012-10-17\"}", + "receive_wait_time_seconds": 0, + "redrive_allow_policy": "", + "redrive_policy": "{\"deadLetterTargetArn\":\"arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-staging_dlq\",\"maxReceiveCount\":1}", + "sqs_managed_sse_enabled": true, + "tags": {}, + "tags_all": {}, + "url": "https://sqs.eu-west-1.amazonaws.com/404315009621/transfer-shoots-staging", + "visibility_timeout_seconds": 160 + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.staging_lambda.module.input_queue.module.input_queue.aws_sqs_queue.dlq", + "module.staging_lambda.module.input_queue.module.input_queue.data.aws_caller_identity.current", + "module.staging_lambda.module.input_queue.module.input_queue.data.aws_iam_policy_document.write_to_queue", + "module.staging_lambda.module.input_queue.module.input_queue.data.aws_region.current", + "module.staging_lambda.module.input_queue.module.transfer_shoots_topic.aws_sns_topic.topic" + ] + } + ] + }, + { + "module": "module.staging_lambda.module.input_queue.module.transfer_shoots_topic", + "mode": "data", + "type": "aws_caller_identity", + "name": "current", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "account_id": "404315009621", + "arn": "arn:aws:sts::404315009621:assumed-role/digitisation-developer/aws-go-sdk-1721134354589563000", + "id": "404315009621", + "user_id": "AROAV4IYNOJKTCHJELIGZ:aws-go-sdk-1721134354589563000" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.staging_lambda.module.input_queue.module.transfer_shoots_topic", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "cross_account_sns_topic_policy", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "4080321813", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Id\": \"__default_policy_ID\",\n \"Statement\": [\n {\n \"Sid\": \"__default_statement_ID\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"SNS:Subscribe\",\n \"SNS:SetTopicAttributes\",\n \"SNS:RemovePermission\",\n \"SNS:Receive\",\n \"SNS:Publish\",\n \"SNS:ListSubscriptionsByTopic\",\n \"SNS:GetTopicAttributes\",\n \"SNS:DeleteTopic\",\n \"SNS:AddPermission\"\n ],\n \"Resource\": \"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-staging\",\n \"Principal\": {\n \"AWS\": \"*\"\n },\n \"Condition\": {\n \"StringEquals\": {\n \"AWS:SourceOwner\": \"404315009621\"\n }\n }\n },\n {\n \"Sid\": \"ReportingAccess\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"SNS:Subscribe\",\n \"SNS:SetTopicAttributes\",\n \"SNS:Receive\",\n \"SNS:ListSubscriptionsByTopic\",\n \"SNS:GetTopicAttributes\"\n ],\n \"Resource\": \"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-staging\",\n \"Principal\": {\n \"AWS\": []\n }\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Id\":\"__default_policy_ID\",\"Statement\":[{\"Sid\":\"__default_statement_ID\",\"Effect\":\"Allow\",\"Action\":[\"SNS:Subscribe\",\"SNS:SetTopicAttributes\",\"SNS:RemovePermission\",\"SNS:Receive\",\"SNS:Publish\",\"SNS:ListSubscriptionsByTopic\",\"SNS:GetTopicAttributes\",\"SNS:DeleteTopic\",\"SNS:AddPermission\"],\"Resource\":\"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-staging\",\"Principal\":{\"AWS\":\"*\"},\"Condition\":{\"StringEquals\":{\"AWS:SourceOwner\":\"404315009621\"}}},{\"Sid\":\"ReportingAccess\",\"Effect\":\"Allow\",\"Action\":[\"SNS:Subscribe\",\"SNS:SetTopicAttributes\",\"SNS:Receive\",\"SNS:ListSubscriptionsByTopic\",\"SNS:GetTopicAttributes\"],\"Resource\":\"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-staging\",\"Principal\":{\"AWS\":[]}}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": "__default_policy_ID", + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "SNS:AddPermission", + "SNS:DeleteTopic", + "SNS:GetTopicAttributes", + "SNS:ListSubscriptionsByTopic", + "SNS:Publish", + "SNS:Receive", + "SNS:RemovePermission", + "SNS:SetTopicAttributes", + "SNS:Subscribe" + ], + "condition": [ + { + "test": "StringEquals", + "values": [ + "404315009621" + ], + "variable": "AWS:SourceOwner" + } + ], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [ + { + "identifiers": [ + "*" + ], + "type": "AWS" + } + ], + "resources": [ + "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-staging" + ], + "sid": "__default_statement_ID" + }, + { + "actions": [ + "SNS:GetTopicAttributes", + "SNS:ListSubscriptionsByTopic", + "SNS:Receive", + "SNS:SetTopicAttributes", + "SNS:Subscribe" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [ + { + "identifiers": [], + "type": "AWS" + } + ], + "resources": [ + "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-staging" + ], + "sid": "ReportingAccess" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.staging_lambda.module.input_queue.module.transfer_shoots_topic", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "publish_to_topic", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "967876800", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": \"sns:Publish\",\n \"Resource\": \"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-staging\"\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Action\":\"sns:Publish\",\"Resource\":\"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-staging\"}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": null, + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "sns:Publish" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [], + "resources": [ + "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-staging" + ], + "sid": "" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.staging_lambda.module.input_queue.module.transfer_shoots_topic", + "mode": "managed", + "type": "aws_sns_topic", + "name": "topic", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "application_failure_feedback_role_arn": "", + "application_success_feedback_role_arn": "", + "application_success_feedback_sample_rate": 0, + "archive_policy": "", + "arn": "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-staging", + "beginning_archive_time": "", + "content_based_deduplication": false, + "delivery_policy": "", + "display_name": "", + "fifo_topic": false, + "firehose_failure_feedback_role_arn": "", + "firehose_success_feedback_role_arn": "", + "firehose_success_feedback_sample_rate": 0, + "http_failure_feedback_role_arn": "", + "http_success_feedback_role_arn": "", + "http_success_feedback_sample_rate": 0, + "id": "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-staging", + "kms_master_key_id": "", + "lambda_failure_feedback_role_arn": "", + "lambda_success_feedback_role_arn": "", + "lambda_success_feedback_sample_rate": 0, + "name": "transfer-shoots-staging", + "name_prefix": "", + "owner": "404315009621", + "policy": "{\"Id\":\"__default_policy_ID\",\"Statement\":[{\"Action\":[\"SNS:GetTopicAttributes\",\"SNS:SetTopicAttributes\",\"SNS:AddPermission\",\"SNS:RemovePermission\",\"SNS:DeleteTopic\",\"SNS:Subscribe\",\"SNS:ListSubscriptionsByTopic\",\"SNS:Publish\"],\"Condition\":{\"StringEquals\":{\"AWS:SourceOwner\":\"404315009621\"}},\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"*\"},\"Resource\":\"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-staging\",\"Sid\":\"__default_statement_ID\"}],\"Version\":\"2008-10-17\"}", + "signature_version": 0, + "sqs_failure_feedback_role_arn": "", + "sqs_success_feedback_role_arn": "", + "sqs_success_feedback_sample_rate": 0, + "tags": {}, + "tags_all": {}, + "tracing_config": "" + }, + "sensitive_attributes": [], + "private": "bnVsbA==" + } + ] + }, + { + "module": "module.staging_lambda.module.transfer_lambda", + "mode": "managed", + "type": "aws_iam_role_policy", + "name": "read_from_editorial_photography", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "lambda-role-editorial-photography-transfer-staging:read_from_editorial_photography-staging", + "name": "read_from_editorial_photography-staging", + "name_prefix": "", + "policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Action\":[\"s3:GetObject\",\"s3:ListBucket\"],\"Effect\":\"Allow\",\"Resource\":[\"arn:aws:s3:::wellcomecollection-editorial-photography\",\"arn:aws:s3:::wellcomecollection-editorial-photography/*\"]}]}", + "role": "lambda-role-editorial-photography-transfer-staging" + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.aws_iam_role.lambda", + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_iam_policy_document.lambda_assume_role" + ] + } + ] + }, + { + "module": "module.staging_lambda.module.transfer_lambda", + "mode": "managed", + "type": "aws_iam_role_policy", + "name": "write_to_archivematica_transfer_source", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "lambda-role-editorial-photography-transfer-staging:write_to_archivematica_transfer_source-staging", + "name": "write_to_archivematica_transfer_source-staging", + "name_prefix": "", + "policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Action\":\"s3:PutObject\",\"Effect\":\"Allow\",\"Resource\":\"arn:aws:s3:::wellcomecollection-archivematica-staging-transfer-source/*\"}]}", + "role": "lambda-role-editorial-photography-transfer-staging" + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.aws_iam_role.lambda", + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_iam_policy_document.lambda_assume_role" + ] + } + ] + }, + { + "module": "module.staging_lambda.module.transfer_lambda.module.transfer_lambda", + "mode": "data", + "type": "aws_caller_identity", + "name": "account", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "account_id": "404315009621", + "arn": "arn:aws:sts::404315009621:assumed-role/digitisation-developer/aws-go-sdk-1721134354589563000", + "id": "404315009621", + "user_id": "AROAV4IYNOJKTCHJELIGZ:aws-go-sdk-1721134354589563000" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.staging_lambda.module.transfer_lambda.module.transfer_lambda", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "lambda_assume_role", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "2690255455", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"lambda.amazonaws.com\"\n }\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Action\":\"sts:AssumeRole\",\"Principal\":{\"Service\":\"lambda.amazonaws.com\"}}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": null, + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "sts:AssumeRole" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [ + { + "identifiers": [ + "lambda.amazonaws.com" + ], + "type": "Service" + } + ], + "resources": [], + "sid": "" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.staging_lambda.module.transfer_lambda.module.transfer_lambda", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "lambda_logging", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "869309412", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": \"logs:CreateLogGroup\",\n \"Resource\": \"arn:aws:logs:region:404315009621:*\"\n },\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"logs:PutLogEvents\",\n \"logs:CreateLogStream\"\n ],\n \"Resource\": \"arn:aws:logs:eu-west-1:404315009621:log-group:/aws/lambda/editorial-photography-transfer-staging:*\"\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Action\":\"logs:CreateLogGroup\",\"Resource\":\"arn:aws:logs:region:404315009621:*\"},{\"Effect\":\"Allow\",\"Action\":[\"logs:PutLogEvents\",\"logs:CreateLogStream\"],\"Resource\":\"arn:aws:logs:eu-west-1:404315009621:log-group:/aws/lambda/editorial-photography-transfer-staging:*\"}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": null, + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "logs:CreateLogGroup" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [], + "resources": [ + "arn:aws:logs:region:404315009621:*" + ], + "sid": "" + }, + { + "actions": [ + "logs:CreateLogStream", + "logs:PutLogEvents" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [], + "resources": [ + "arn:aws:logs:eu-west-1:404315009621:log-group:/aws/lambda/editorial-photography-transfer-staging:*" + ], + "sid": "" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.staging_lambda.module.transfer_lambda.module.transfer_lambda", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "network_interface", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "2032075453", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ec2:DescribeNetworkInterfaces\",\n \"ec2:DeleteNetworkInterface\",\n \"ec2:CreateNetworkInterface\"\n ],\n \"Resource\": \"*\"\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Action\":[\"ec2:DescribeNetworkInterfaces\",\"ec2:DeleteNetworkInterface\",\"ec2:CreateNetworkInterface\"],\"Resource\":\"*\"}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": null, + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "ec2:CreateNetworkInterface", + "ec2:DeleteNetworkInterface", + "ec2:DescribeNetworkInterfaces" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [], + "resources": [ + "*" + ], + "sid": "" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.staging_lambda.module.transfer_lambda.module.transfer_lambda", + "mode": "data", + "type": "aws_ssm_parameter", + "name": "log_destination", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:ssm:eu-west-1:404315009621:parameter/logging/forwarder/destination_arn", + "id": "/logging/forwarder/destination_arn", + "insecure_value": "arn:aws:logs:eu-west-1:760097843905:destination:elasticsearch-forwarder-logs", + "name": "/logging/forwarder/destination_arn", + "type": "String", + "value": "arn:aws:logs:eu-west-1:760097843905:destination:elasticsearch-forwarder-logs", + "version": 1, + "with_decryption": true + }, + "sensitive_attributes": [ + [ + { + "type": "get_attr", + "value": "value" + } + ] + ] + } + ] + }, + { + "module": "module.staging_lambda.module.transfer_lambda.module.transfer_lambda", + "mode": "managed", + "type": "aws_cloudwatch_log_group", + "name": "lambda", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:logs:eu-west-1:404315009621:log-group:/aws/lambda/editorial-photography-transfer-staging", + "id": "/aws/lambda/editorial-photography-transfer-staging", + "kms_key_id": "", + "log_group_class": "STANDARD", + "name": "/aws/lambda/editorial-photography-transfer-staging", + "name_prefix": "", + "retention_in_days": 1, + "skip_destroy": false, + "tags": {}, + "tags_all": {} + }, + "sensitive_attributes": [], + "private": "bnVsbA==" + } + ] + }, + { + "module": "module.staging_lambda.module.transfer_lambda.module.transfer_lambda", + "mode": "managed", + "type": "aws_cloudwatch_log_subscription_filter", + "name": "kinesis", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": "lambda-logs-to-kinesis", + "schema_version": 0, + "attributes": { + "destination_arn": "arn:aws:logs:eu-west-1:760097843905:destination:elasticsearch-forwarder-logs", + "distribution": "ByLogStream", + "filter_pattern": "", + "id": "cwlsf-2562960117", + "log_group_name": "/aws/lambda/editorial-photography-transfer-staging", + "name": "lambda-logs-to-kinesis", + "role_arn": "" + }, + "sensitive_attributes": [ + [ + { + "type": "get_attr", + "value": "destination_arn" + } + ] + ], + "private": "bnVsbA==", + "dependencies": [ + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.aws_cloudwatch_log_group.lambda", + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_ssm_parameter.log_destination" + ] + } + ] + }, + { + "module": "module.staging_lambda.module.transfer_lambda.module.transfer_lambda", + "mode": "managed", + "type": "aws_iam_policy", + "name": "lambda_logging", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:iam::404315009621:policy/lambda-logging-editorial-photography-transfer-staging", + "attachment_count": 1, + "description": "Allow the editorial-photography-transfer-staging Lambda to send logs to CloudWatch", + "id": "arn:aws:iam::404315009621:policy/lambda-logging-editorial-photography-transfer-staging", + "name": "lambda-logging-editorial-photography-transfer-staging", + "name_prefix": "", + "path": "/", + "policy": "{\"Statement\":[{\"Action\":\"logs:CreateLogGroup\",\"Effect\":\"Allow\",\"Resource\":\"arn:aws:logs:region:404315009621:*\"},{\"Action\":[\"logs:PutLogEvents\",\"logs:CreateLogStream\"],\"Effect\":\"Allow\",\"Resource\":\"arn:aws:logs:eu-west-1:404315009621:log-group:/aws/lambda/editorial-photography-transfer-staging:*\"}],\"Version\":\"2012-10-17\"}", + "policy_id": "ANPAV4IYNOJKZU7ELG7UJ", + "tags": {}, + "tags_all": {} + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.aws_cloudwatch_log_group.lambda", + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_caller_identity.account", + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_iam_policy_document.lambda_logging" + ] + } + ] + }, + { + "module": "module.staging_lambda.module.transfer_lambda.module.transfer_lambda", + "mode": "managed", + "type": "aws_iam_role", + "name": "lambda", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:iam::404315009621:role/lambda-role-editorial-photography-transfer-staging", + "assume_role_policy": "{\"Statement\":[{\"Action\":\"sts:AssumeRole\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"lambda.amazonaws.com\"}}],\"Version\":\"2012-10-17\"}", + "create_date": "2024-07-15T14:14:40Z", + "description": "", + "force_detach_policies": false, + "id": "lambda-role-editorial-photography-transfer-staging", + "inline_policy": [ + { + "name": "editorial-photography-staging-pull-from-queue", + "policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Action\":[\"sqs:ReceiveMessage\",\"sqs:GetQueueAttributes\",\"sqs:DeleteMessage\"],\"Effect\":\"Allow\",\"Resource\":\"arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-staging\"}]}" + }, + { + "name": "terraform-20240715141440702200000002", + "policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Action\":[\"s3:GetObject\",\"s3:ListBucket\"],\"Effect\":\"Allow\",\"Resource\":\"arn:aws:s3:::wellcomecollection-editorial-photography\"}]}" + }, + { + "name": "write_to_archivematica_transfer_source-staging", + "policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Action\":\"s3:PutObject\",\"Effect\":\"Allow\",\"Resource\":\"arn:aws:s3:::wellcomecollection-archivematica-staging-transfer-source/*\"}]}" + } + ], + "managed_policy_arns": [ + "arn:aws:iam::404315009621:policy/lambda-logging-editorial-photography-transfer-staging" + ], + "max_session_duration": 3600, + "name": "lambda-role-editorial-photography-transfer-staging", + "name_prefix": "", + "path": "/", + "permissions_boundary": "", + "tags": {}, + "tags_all": {}, + "unique_id": "AROAV4IYNOJKXAWUXPBTM" + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_iam_policy_document.lambda_assume_role" + ] + } + ] + }, + { + "module": "module.staging_lambda.module.transfer_lambda.module.transfer_lambda", + "mode": "managed", + "type": "aws_iam_role_policy_attachment", + "name": "lambda_logging", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "lambda-role-editorial-photography-transfer-staging-20240715141441227900000004", + "policy_arn": "arn:aws:iam::404315009621:policy/lambda-logging-editorial-photography-transfer-staging", + "role": "lambda-role-editorial-photography-transfer-staging" + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.aws_cloudwatch_log_group.lambda", + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.aws_iam_policy.lambda_logging", + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.aws_iam_role.lambda", + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_caller_identity.account", + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_iam_policy_document.lambda_assume_role", + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_iam_policy_document.lambda_logging" + ] + } + ] + }, + { + "module": "module.staging_lambda.module.transfer_lambda.module.transfer_lambda", + "mode": "managed", + "type": "aws_lambda_function", + "name": "main", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "architectures": [ + "x86_64" + ], + "arn": "arn:aws:lambda:eu-west-1:404315009621:function:editorial-photography-transfer-staging", + "code_sha256": "6+Zdzy6IxAzcFVue7NkJR09+ZcqmMSfKPH7F4WsrtMU=", + "code_signing_config_arn": "", + "dead_letter_config": [], + "description": "", + "environment": [ + { + "variables": { + "ACCESSION_NUMBER": "2754", + "TARGET_BUCKET": "wellcomecollection-archivematica-staging-transfer-source" + } + } + ], + "ephemeral_storage": [ + { + "size": 512 + } + ], + "file_system_config": [], + "filename": "./lambda.zip", + "function_name": "editorial-photography-transfer-staging", + "handler": "lambda_function.lambda_handler", + "id": "editorial-photography-transfer-staging", + "image_config": [], + "image_uri": "", + "invoke_arn": "arn:aws:apigateway:eu-west-1:lambda:path/2015-03-31/functions/arn:aws:lambda:eu-west-1:404315009621:function:editorial-photography-transfer-staging/invocations", + "kms_key_arn": "", + "last_modified": "2024-07-16T12:25:59.000+0000", + "layers": [], + "logging_config": [ + { + "application_log_level": "", + "log_format": "Text", + "log_group": "/aws/lambda/editorial-photography-transfer-staging", + "system_log_level": "" + } + ], + "memory_size": 512, + "package_type": "Zip", + "publish": false, + "qualified_arn": "arn:aws:lambda:eu-west-1:404315009621:function:editorial-photography-transfer-staging:$LATEST", + "qualified_invoke_arn": "arn:aws:apigateway:eu-west-1:lambda:path/2015-03-31/functions/arn:aws:lambda:eu-west-1:404315009621:function:editorial-photography-transfer-staging:$LATEST/invocations", + "replace_security_groups_on_destroy": null, + "replacement_security_group_ids": null, + "reserved_concurrent_executions": -1, + "role": "arn:aws:iam::404315009621:role/lambda-role-editorial-photography-transfer-staging", + "runtime": "python3.12", + "s3_bucket": null, + "s3_key": null, + "s3_object_version": null, + "signing_job_arn": "", + "signing_profile_version_arn": "", + "skip_destroy": false, + "snap_start": [], + "source_code_hash": "6+Zdzy6IxAzcFVue7NkJR09+ZcqmMSfKPH7F4WsrtMU=", + "source_code_size": 29824, + "tags": {}, + "tags_all": {}, + "timeout": 120, + "timeouts": null, + "tracing_config": [ + { + "mode": "PassThrough" + } + ], + "version": "$LATEST", + "vpc_config": [] + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19", + "dependencies": [ + "data.archive_file.lambda_zip", + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.aws_iam_role.lambda", + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_iam_policy_document.lambda_assume_role" + ] + } + ] + }, + { + "module": "module.staging_lambda.module.trigger", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "allow_sqs_pull", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "384510246", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"sqs:ReceiveMessage\",\n \"sqs:GetQueueAttributes\",\n \"sqs:DeleteMessage\"\n ],\n \"Resource\": \"arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-staging\"\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Action\":[\"sqs:ReceiveMessage\",\"sqs:GetQueueAttributes\",\"sqs:DeleteMessage\"],\"Resource\":\"arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-staging\"}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": null, + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "sqs:DeleteMessage", + "sqs:GetQueueAttributes", + "sqs:ReceiveMessage" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [], + "resources": [ + "arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-staging" + ], + "sid": "" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.staging_lambda.module.trigger", + "mode": "managed", + "type": "aws_iam_role_policy", + "name": "allow_sqs_pull", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "lambda-role-editorial-photography-transfer-staging:editorial-photography-staging-pull-from-queue", + "name": "editorial-photography-staging-pull-from-queue", + "name_prefix": "", + "policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Action\":[\"sqs:ReceiveMessage\",\"sqs:GetQueueAttributes\",\"sqs:DeleteMessage\"],\"Effect\":\"Allow\",\"Resource\":\"arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-staging\"}]}", + "role": "lambda-role-editorial-photography-transfer-staging" + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.staging_lambda.module.input_queue.module.input_queue.aws_sqs_queue.dlq", + "module.staging_lambda.module.input_queue.module.input_queue.aws_sqs_queue.q", + "module.staging_lambda.module.input_queue.module.input_queue.data.aws_caller_identity.current", + "module.staging_lambda.module.input_queue.module.input_queue.data.aws_iam_policy_document.write_to_queue", + "module.staging_lambda.module.input_queue.module.input_queue.data.aws_region.current", + "module.staging_lambda.module.input_queue.module.transfer_shoots_topic.aws_sns_topic.topic", + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.aws_iam_role.lambda", + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_iam_policy_document.lambda_assume_role", + "module.staging_lambda.module.trigger.data.aws_iam_policy_document.allow_sqs_pull" + ] + } + ] + }, + { + "module": "module.staging_lambda.module.trigger", + "mode": "managed", + "type": "aws_lambda_event_source_mapping", + "name": "lambda_trigger", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "amazon_managed_kafka_event_source_config": [], + "batch_size": 1, + "bisect_batch_on_function_error": false, + "destination_config": [], + "document_db_event_source_config": [], + "enabled": true, + "event_source_arn": "arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-staging", + "filter_criteria": [], + "function_arn": "arn:aws:lambda:eu-west-1:404315009621:function:editorial-photography-transfer-staging", + "function_name": "arn:aws:lambda:eu-west-1:404315009621:function:editorial-photography-transfer-staging", + "function_response_types": [], + "id": "b4640bd2-1aef-4a05-a51d-6f8cb071596a", + "last_modified": "2024-07-15T14:26:13Z", + "last_processing_result": "", + "maximum_batching_window_in_seconds": 0, + "maximum_record_age_in_seconds": 0, + "maximum_retry_attempts": 0, + "parallelization_factor": 0, + "queues": [], + "scaling_config": [], + "self_managed_event_source": [], + "self_managed_kafka_event_source_config": [], + "source_access_configuration": [], + "starting_position": "", + "starting_position_timestamp": "", + "state": "Enabled", + "state_transition_reason": "USER_INITIATED", + "topics": [], + "tumbling_window_in_seconds": 0, + "uuid": "b4640bd2-1aef-4a05-a51d-6f8cb071596a" + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "data.archive_file.lambda_zip", + "module.staging_lambda.module.input_queue.module.input_queue.aws_sqs_queue.dlq", + "module.staging_lambda.module.input_queue.module.input_queue.aws_sqs_queue.q", + "module.staging_lambda.module.input_queue.module.input_queue.data.aws_caller_identity.current", + "module.staging_lambda.module.input_queue.module.input_queue.data.aws_iam_policy_document.write_to_queue", + "module.staging_lambda.module.input_queue.module.input_queue.data.aws_region.current", + "module.staging_lambda.module.input_queue.module.transfer_shoots_topic.aws_sns_topic.topic", + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.aws_iam_role.lambda", + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.aws_lambda_function.main", + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_iam_policy_document.lambda_assume_role" + ] + } + ] + }, + { + "module": "module.staging_lambda.module.trigger", + "mode": "managed", + "type": "aws_lambda_permission", + "name": "allow_lambda_sqs_trigger", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "action": "lambda:InvokeFunction", + "event_source_token": null, + "function_name": "editorial-photography-transfer-staging", + "function_url_auth_type": null, + "id": "terraform-20240715141530726900000005", + "principal": "sqs.amazonaws.com", + "principal_org_id": null, + "qualifier": "", + "source_account": null, + "source_arn": "arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-staging", + "statement_id": "terraform-20240715141530726900000005", + "statement_id_prefix": "terraform-" + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "data.archive_file.lambda_zip", + "module.staging_lambda.module.input_queue.module.input_queue.aws_sqs_queue.dlq", + "module.staging_lambda.module.input_queue.module.input_queue.aws_sqs_queue.q", + "module.staging_lambda.module.input_queue.module.input_queue.data.aws_caller_identity.current", + "module.staging_lambda.module.input_queue.module.input_queue.data.aws_iam_policy_document.write_to_queue", + "module.staging_lambda.module.input_queue.module.input_queue.data.aws_region.current", + "module.staging_lambda.module.input_queue.module.transfer_shoots_topic.aws_sns_topic.topic", + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.aws_iam_role.lambda", + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.aws_lambda_function.main", + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_iam_policy_document.lambda_assume_role" + ] + } + ] + } + ], + "check_results": [ + { + "object_kind": "var", + "config_addr": "module.production_lambda.module.transfer_lambda.var.environment", + "status": "pass", + "objects": [ + { + "object_addr": "module.production_lambda.module.transfer_lambda.var.environment", + "status": "pass" + } + ] + }, + { + "object_kind": "var", + "config_addr": "module.staging_lambda.var.environment", + "status": "pass", + "objects": [ + { + "object_addr": "module.staging_lambda.var.environment", + "status": "pass" + } + ] + }, + { + "object_kind": "var", + "config_addr": "module.staging_lambda.module.input_queue.var.environment", + "status": "pass", + "objects": [ + { + "object_addr": "module.staging_lambda.module.input_queue.var.environment", + "status": "pass" + } + ] + }, + { + "object_kind": "var", + "config_addr": "module.staging_lambda.module.transfer_lambda.var.environment", + "status": "pass", + "objects": [ + { + "object_addr": "module.staging_lambda.module.transfer_lambda.var.environment", + "status": "pass" + } + ] + }, + { + "object_kind": "var", + "config_addr": "module.production_lambda.var.environment", + "status": "pass", + "objects": [ + { + "object_addr": "module.production_lambda.var.environment", + "status": "pass" + } + ] + }, + { + "object_kind": "var", + "config_addr": "module.production_lambda.module.input_queue.var.environment", + "status": "pass", + "objects": [ + { + "object_addr": "module.production_lambda.module.input_queue.var.environment", + "status": "pass" + } + ] + } + ] +} diff --git a/terraform/terraform.tfstate.backup b/terraform/terraform.tfstate.backup new file mode 100644 index 0000000..c25aa34 --- /dev/null +++ b/terraform/terraform.tfstate.backup @@ -0,0 +1,2875 @@ +{ + "version": 4, + "terraform_version": "1.9.1", + "serial": 137, + "lineage": "f771bb0f-7da8-a6fb-16b0-05c69365ab79", + "outputs": {}, + "resources": [ + { + "mode": "data", + "type": "archive_file", + "name": "lambda_zip", + "provider": "provider[\"registry.terraform.io/hashicorp/archive\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "exclude_symlink_directories": null, + "excludes": null, + "id": "51e2cb1d23f5347d3f4c55449d087940218fbbe0", + "output_base64sha256": "6+Zdzy6IxAzcFVue7NkJR09+ZcqmMSfKPH7F4WsrtMU=", + "output_base64sha512": "lxsZATe1Q6nwQJzv8CyfvWKVh0eISy3hsOFZqPjo6sW5vWBX+xFYfLoLCHe9A67Kf4bfQLe9E0lwdh4AXyAapA==", + "output_file_mode": null, + "output_md5": "5be02375ee167b9fcc8b20b91a99d600", + "output_path": "lambda.zip", + "output_sha": "51e2cb1d23f5347d3f4c55449d087940218fbbe0", + "output_sha256": "ebe65dcf2e88c40cdc155b9eecd909474f7e65caa63127ca3c7ec5e16b2bb4c5", + "output_sha512": "971b190137b543a9f0409ceff02c9fbd62958747884b2de1b0e159a8f8e8eac5b9bd6057fb11587cba0b0877bd03aeca7f86df40b7bd134970761e005f201aa4", + "output_size": 29824, + "source": [], + "source_content": null, + "source_content_filename": null, + "source_dir": "../src", + "source_file": null, + "type": "zip" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.production_lambda.module.input_queue.module.dlq_alarm_topic", + "mode": "data", + "type": "aws_caller_identity", + "name": "current", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "account_id": "404315009621", + "arn": "arn:aws:sts::404315009621:assumed-role/digitisation-developer/aws-go-sdk-1721132709985310000", + "id": "404315009621", + "user_id": "AROAV4IYNOJKTCHJELIGZ:aws-go-sdk-1721132709985310000" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.production_lambda.module.input_queue.module.dlq_alarm_topic", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "cross_account_sns_topic_policy", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "4065007835", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Id\": \"__default_policy_ID\",\n \"Statement\": [\n {\n \"Sid\": \"__default_statement_ID\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"SNS:Subscribe\",\n \"SNS:SetTopicAttributes\",\n \"SNS:RemovePermission\",\n \"SNS:Receive\",\n \"SNS:Publish\",\n \"SNS:ListSubscriptionsByTopic\",\n \"SNS:GetTopicAttributes\",\n \"SNS:DeleteTopic\",\n \"SNS:AddPermission\"\n ],\n \"Resource\": \"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-production\",\n \"Principal\": {\n \"AWS\": \"*\"\n },\n \"Condition\": {\n \"StringEquals\": {\n \"AWS:SourceOwner\": \"404315009621\"\n }\n }\n },\n {\n \"Sid\": \"ReportingAccess\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"SNS:Subscribe\",\n \"SNS:SetTopicAttributes\",\n \"SNS:Receive\",\n \"SNS:ListSubscriptionsByTopic\",\n \"SNS:GetTopicAttributes\"\n ],\n \"Resource\": \"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-production\",\n \"Principal\": {\n \"AWS\": []\n }\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Id\":\"__default_policy_ID\",\"Statement\":[{\"Sid\":\"__default_statement_ID\",\"Effect\":\"Allow\",\"Action\":[\"SNS:Subscribe\",\"SNS:SetTopicAttributes\",\"SNS:RemovePermission\",\"SNS:Receive\",\"SNS:Publish\",\"SNS:ListSubscriptionsByTopic\",\"SNS:GetTopicAttributes\",\"SNS:DeleteTopic\",\"SNS:AddPermission\"],\"Resource\":\"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-production\",\"Principal\":{\"AWS\":\"*\"},\"Condition\":{\"StringEquals\":{\"AWS:SourceOwner\":\"404315009621\"}}},{\"Sid\":\"ReportingAccess\",\"Effect\":\"Allow\",\"Action\":[\"SNS:Subscribe\",\"SNS:SetTopicAttributes\",\"SNS:Receive\",\"SNS:ListSubscriptionsByTopic\",\"SNS:GetTopicAttributes\"],\"Resource\":\"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-production\",\"Principal\":{\"AWS\":[]}}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": "__default_policy_ID", + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "SNS:AddPermission", + "SNS:DeleteTopic", + "SNS:GetTopicAttributes", + "SNS:ListSubscriptionsByTopic", + "SNS:Publish", + "SNS:Receive", + "SNS:RemovePermission", + "SNS:SetTopicAttributes", + "SNS:Subscribe" + ], + "condition": [ + { + "test": "StringEquals", + "values": [ + "404315009621" + ], + "variable": "AWS:SourceOwner" + } + ], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [ + { + "identifiers": [ + "*" + ], + "type": "AWS" + } + ], + "resources": [ + "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-production" + ], + "sid": "__default_statement_ID" + }, + { + "actions": [ + "SNS:GetTopicAttributes", + "SNS:ListSubscriptionsByTopic", + "SNS:Receive", + "SNS:SetTopicAttributes", + "SNS:Subscribe" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [ + { + "identifiers": [], + "type": "AWS" + } + ], + "resources": [ + "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-production" + ], + "sid": "ReportingAccess" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.production_lambda.module.input_queue.module.dlq_alarm_topic", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "publish_to_topic", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "2217557951", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": \"sns:Publish\",\n \"Resource\": \"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-production\"\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Action\":\"sns:Publish\",\"Resource\":\"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-production\"}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": null, + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "sns:Publish" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [], + "resources": [ + "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-production" + ], + "sid": "" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.production_lambda.module.input_queue.module.dlq_alarm_topic", + "mode": "managed", + "type": "aws_sns_topic", + "name": "topic", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "application_failure_feedback_role_arn": "", + "application_success_feedback_role_arn": "", + "application_success_feedback_sample_rate": 0, + "archive_policy": "", + "arn": "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-production", + "beginning_archive_time": "", + "content_based_deduplication": false, + "delivery_policy": "", + "display_name": "", + "fifo_topic": false, + "firehose_failure_feedback_role_arn": "", + "firehose_success_feedback_role_arn": "", + "firehose_success_feedback_sample_rate": 0, + "http_failure_feedback_role_arn": "", + "http_success_feedback_role_arn": "", + "http_success_feedback_sample_rate": 0, + "id": "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-production", + "kms_master_key_id": "", + "lambda_failure_feedback_role_arn": "", + "lambda_success_feedback_role_arn": "", + "lambda_success_feedback_sample_rate": 0, + "name": "transfer-shoots-alarm-production", + "name_prefix": "", + "owner": "404315009621", + "policy": "{\"Id\":\"__default_policy_ID\",\"Statement\":[{\"Action\":[\"SNS:GetTopicAttributes\",\"SNS:SetTopicAttributes\",\"SNS:AddPermission\",\"SNS:RemovePermission\",\"SNS:DeleteTopic\",\"SNS:Subscribe\",\"SNS:ListSubscriptionsByTopic\",\"SNS:Publish\"],\"Condition\":{\"StringEquals\":{\"AWS:SourceOwner\":\"404315009621\"}},\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"*\"},\"Resource\":\"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-production\",\"Sid\":\"__default_statement_ID\"}],\"Version\":\"2008-10-17\"}", + "signature_version": 0, + "sqs_failure_feedback_role_arn": "", + "sqs_success_feedback_role_arn": "", + "sqs_success_feedback_sample_rate": 0, + "tags": {}, + "tags_all": {}, + "tracing_config": "" + }, + "sensitive_attributes": [], + "private": "bnVsbA==" + } + ] + }, + { + "module": "module.production_lambda.module.input_queue.module.input_queue", + "mode": "data", + "type": "aws_caller_identity", + "name": "current", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "account_id": "404315009621", + "arn": "arn:aws:sts::404315009621:assumed-role/digitisation-developer/aws-go-sdk-1721132709985310000", + "id": "404315009621", + "user_id": "AROAV4IYNOJKTCHJELIGZ:aws-go-sdk-1721132709985310000" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.production_lambda.module.input_queue.module.input_queue", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "read_from_queue", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "2552967950", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"sqs:ReceiveMessage\",\n \"sqs:DeleteMessage\",\n \"sqs:ChangeMessageVisibilityBatch\",\n \"sqs:ChangeMessageVisibility\"\n ],\n \"Resource\": \"arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-production\"\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Action\":[\"sqs:ReceiveMessage\",\"sqs:DeleteMessage\",\"sqs:ChangeMessageVisibilityBatch\",\"sqs:ChangeMessageVisibility\"],\"Resource\":\"arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-production\"}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": null, + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "sqs:ChangeMessageVisibility", + "sqs:ChangeMessageVisibilityBatch", + "sqs:DeleteMessage", + "sqs:ReceiveMessage" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [], + "resources": [ + "arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-production" + ], + "sid": "" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.production_lambda.module.input_queue.module.input_queue", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "write_to_queue", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "2738586252", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"es-sns-to-sqs-policy\",\n \"Effect\": \"Allow\",\n \"Action\": \"sqs:SendMessage\",\n \"Resource\": \"arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-production\",\n \"Principal\": {\n \"AWS\": \"*\"\n },\n \"Condition\": {\n \"ArnEquals\": {\n \"aws:SourceArn\": \"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-production\"\n }\n }\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"es-sns-to-sqs-policy\",\"Effect\":\"Allow\",\"Action\":\"sqs:SendMessage\",\"Resource\":\"arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-production\",\"Principal\":{\"AWS\":\"*\"},\"Condition\":{\"ArnEquals\":{\"aws:SourceArn\":\"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-production\"}}}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": null, + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "sqs:SendMessage" + ], + "condition": [ + { + "test": "ArnEquals", + "values": [ + "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-production" + ], + "variable": "aws:SourceArn" + } + ], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [ + { + "identifiers": [ + "*" + ], + "type": "AWS" + } + ], + "resources": [ + "arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-production" + ], + "sid": "es-sns-to-sqs-policy" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.production_lambda.module.input_queue.module.input_queue", + "mode": "data", + "type": "aws_region", + "name": "current", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "description": "Europe (Ireland)", + "endpoint": "ec2.eu-west-1.amazonaws.com", + "id": "eu-west-1", + "name": "eu-west-1" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.production_lambda.module.input_queue.module.input_queue", + "mode": "managed", + "type": "aws_cloudwatch_metric_alarm", + "name": "dlq_not_empty", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 1, + "attributes": { + "actions_enabled": true, + "alarm_actions": [ + "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-production" + ], + "alarm_description": "", + "alarm_name": "transfer-shoots-production_dlq_not_empty", + "arn": "arn:aws:cloudwatch:eu-west-1:404315009621:alarm:transfer-shoots-production_dlq_not_empty", + "comparison_operator": "GreaterThanThreshold", + "datapoints_to_alarm": 0, + "dimensions": { + "QueueName": "transfer-shoots-production_dlq" + }, + "evaluate_low_sample_count_percentiles": "", + "evaluation_periods": 1, + "extended_statistic": "", + "id": "transfer-shoots-production_dlq_not_empty", + "insufficient_data_actions": [], + "metric_name": "ApproximateNumberOfMessagesVisible", + "metric_query": [], + "namespace": "AWS/SQS", + "ok_actions": [], + "period": 60, + "statistic": "Average", + "tags": {}, + "tags_all": {}, + "threshold": 0, + "threshold_metric_id": "", + "treat_missing_data": "missing", + "unit": "" + }, + "sensitive_attributes": [], + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjEifQ==", + "dependencies": [ + "module.production_lambda.module.input_queue.module.dlq_alarm_topic.aws_sns_topic.topic", + "module.production_lambda.module.input_queue.module.input_queue.aws_sqs_queue.dlq" + ] + } + ] + }, + { + "module": "module.production_lambda.module.input_queue.module.input_queue", + "mode": "managed", + "type": "aws_sns_topic_subscription", + "name": "sns_topic", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "arn": "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-production:2c909279-8913-4154-a8a1-617f442af1fb", + "confirmation_timeout_in_minutes": 1, + "confirmation_was_authenticated": true, + "delivery_policy": "", + "endpoint": "arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-production", + "endpoint_auto_confirms": false, + "filter_policy": "", + "filter_policy_scope": "", + "id": "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-production:2c909279-8913-4154-a8a1-617f442af1fb", + "owner_id": "404315009621", + "pending_confirmation": false, + "protocol": "sqs", + "raw_message_delivery": false, + "redrive_policy": "", + "replay_policy": "", + "subscription_role_arn": "", + "topic_arn": "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-production" + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.production_lambda.module.input_queue.module.input_queue.aws_sqs_queue.dlq", + "module.production_lambda.module.input_queue.module.input_queue.aws_sqs_queue.q", + "module.production_lambda.module.input_queue.module.input_queue.data.aws_caller_identity.current", + "module.production_lambda.module.input_queue.module.input_queue.data.aws_iam_policy_document.write_to_queue", + "module.production_lambda.module.input_queue.module.input_queue.data.aws_region.current", + "module.production_lambda.module.input_queue.module.transfer_shoots_topic.aws_sns_topic.topic" + ] + } + ] + }, + { + "module": "module.production_lambda.module.input_queue.module.input_queue", + "mode": "managed", + "type": "aws_sqs_queue", + "name": "dlq", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-production_dlq", + "content_based_deduplication": false, + "deduplication_scope": "", + "delay_seconds": 0, + "fifo_queue": false, + "fifo_throughput_limit": "", + "id": "https://sqs.eu-west-1.amazonaws.com/404315009621/transfer-shoots-production_dlq", + "kms_data_key_reuse_period_seconds": 300, + "kms_master_key_id": "", + "max_message_size": 262144, + "message_retention_seconds": 345600, + "name": "transfer-shoots-production_dlq", + "name_prefix": "", + "policy": "", + "receive_wait_time_seconds": 0, + "redrive_allow_policy": "", + "redrive_policy": "", + "sqs_managed_sse_enabled": true, + "tags": {}, + "tags_all": {}, + "url": "https://sqs.eu-west-1.amazonaws.com/404315009621/transfer-shoots-production_dlq", + "visibility_timeout_seconds": 30 + }, + "sensitive_attributes": [], + "private": "bnVsbA==" + } + ] + }, + { + "module": "module.production_lambda.module.input_queue.module.input_queue", + "mode": "managed", + "type": "aws_sqs_queue", + "name": "q", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-production", + "content_based_deduplication": false, + "deduplication_scope": "", + "delay_seconds": 0, + "fifo_queue": false, + "fifo_throughput_limit": "", + "id": "https://sqs.eu-west-1.amazonaws.com/404315009621/transfer-shoots-production", + "kms_data_key_reuse_period_seconds": 300, + "kms_master_key_id": "", + "max_message_size": 262144, + "message_retention_seconds": 1200, + "name": "transfer-shoots-production", + "name_prefix": "", + "policy": "{\"Statement\":[{\"Action\":\"sqs:SendMessage\",\"Condition\":{\"ArnEquals\":{\"aws:SourceArn\":\"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-production\"}},\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"*\"},\"Resource\":\"arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-production\",\"Sid\":\"es-sns-to-sqs-policy\"}],\"Version\":\"2012-10-17\"}", + "receive_wait_time_seconds": 0, + "redrive_allow_policy": "", + "redrive_policy": "{\"deadLetterTargetArn\":\"arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-production_dlq\",\"maxReceiveCount\":1}", + "sqs_managed_sse_enabled": true, + "tags": {}, + "tags_all": {}, + "url": "https://sqs.eu-west-1.amazonaws.com/404315009621/transfer-shoots-production", + "visibility_timeout_seconds": 160 + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.production_lambda.module.input_queue.module.input_queue.aws_sqs_queue.dlq", + "module.production_lambda.module.input_queue.module.input_queue.data.aws_caller_identity.current", + "module.production_lambda.module.input_queue.module.input_queue.data.aws_iam_policy_document.write_to_queue", + "module.production_lambda.module.input_queue.module.input_queue.data.aws_region.current", + "module.production_lambda.module.input_queue.module.transfer_shoots_topic.aws_sns_topic.topic" + ] + } + ] + }, + { + "module": "module.production_lambda.module.input_queue.module.transfer_shoots_topic", + "mode": "data", + "type": "aws_caller_identity", + "name": "current", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "account_id": "404315009621", + "arn": "arn:aws:sts::404315009621:assumed-role/digitisation-developer/aws-go-sdk-1721132709985310000", + "id": "404315009621", + "user_id": "AROAV4IYNOJKTCHJELIGZ:aws-go-sdk-1721132709985310000" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.production_lambda.module.input_queue.module.transfer_shoots_topic", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "cross_account_sns_topic_policy", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "3746585137", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Id\": \"__default_policy_ID\",\n \"Statement\": [\n {\n \"Sid\": \"__default_statement_ID\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"SNS:Subscribe\",\n \"SNS:SetTopicAttributes\",\n \"SNS:RemovePermission\",\n \"SNS:Receive\",\n \"SNS:Publish\",\n \"SNS:ListSubscriptionsByTopic\",\n \"SNS:GetTopicAttributes\",\n \"SNS:DeleteTopic\",\n \"SNS:AddPermission\"\n ],\n \"Resource\": \"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-production\",\n \"Principal\": {\n \"AWS\": \"*\"\n },\n \"Condition\": {\n \"StringEquals\": {\n \"AWS:SourceOwner\": \"404315009621\"\n }\n }\n },\n {\n \"Sid\": \"ReportingAccess\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"SNS:Subscribe\",\n \"SNS:SetTopicAttributes\",\n \"SNS:Receive\",\n \"SNS:ListSubscriptionsByTopic\",\n \"SNS:GetTopicAttributes\"\n ],\n \"Resource\": \"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-production\",\n \"Principal\": {\n \"AWS\": []\n }\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Id\":\"__default_policy_ID\",\"Statement\":[{\"Sid\":\"__default_statement_ID\",\"Effect\":\"Allow\",\"Action\":[\"SNS:Subscribe\",\"SNS:SetTopicAttributes\",\"SNS:RemovePermission\",\"SNS:Receive\",\"SNS:Publish\",\"SNS:ListSubscriptionsByTopic\",\"SNS:GetTopicAttributes\",\"SNS:DeleteTopic\",\"SNS:AddPermission\"],\"Resource\":\"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-production\",\"Principal\":{\"AWS\":\"*\"},\"Condition\":{\"StringEquals\":{\"AWS:SourceOwner\":\"404315009621\"}}},{\"Sid\":\"ReportingAccess\",\"Effect\":\"Allow\",\"Action\":[\"SNS:Subscribe\",\"SNS:SetTopicAttributes\",\"SNS:Receive\",\"SNS:ListSubscriptionsByTopic\",\"SNS:GetTopicAttributes\"],\"Resource\":\"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-production\",\"Principal\":{\"AWS\":[]}}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": "__default_policy_ID", + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "SNS:AddPermission", + "SNS:DeleteTopic", + "SNS:GetTopicAttributes", + "SNS:ListSubscriptionsByTopic", + "SNS:Publish", + "SNS:Receive", + "SNS:RemovePermission", + "SNS:SetTopicAttributes", + "SNS:Subscribe" + ], + "condition": [ + { + "test": "StringEquals", + "values": [ + "404315009621" + ], + "variable": "AWS:SourceOwner" + } + ], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [ + { + "identifiers": [ + "*" + ], + "type": "AWS" + } + ], + "resources": [ + "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-production" + ], + "sid": "__default_statement_ID" + }, + { + "actions": [ + "SNS:GetTopicAttributes", + "SNS:ListSubscriptionsByTopic", + "SNS:Receive", + "SNS:SetTopicAttributes", + "SNS:Subscribe" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [ + { + "identifiers": [], + "type": "AWS" + } + ], + "resources": [ + "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-production" + ], + "sid": "ReportingAccess" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.production_lambda.module.input_queue.module.transfer_shoots_topic", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "publish_to_topic", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "551570421", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": \"sns:Publish\",\n \"Resource\": \"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-production\"\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Action\":\"sns:Publish\",\"Resource\":\"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-production\"}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": null, + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "sns:Publish" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [], + "resources": [ + "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-production" + ], + "sid": "" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.production_lambda.module.input_queue.module.transfer_shoots_topic", + "mode": "managed", + "type": "aws_sns_topic", + "name": "topic", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "application_failure_feedback_role_arn": "", + "application_success_feedback_role_arn": "", + "application_success_feedback_sample_rate": 0, + "archive_policy": "", + "arn": "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-production", + "beginning_archive_time": "", + "content_based_deduplication": false, + "delivery_policy": "", + "display_name": "", + "fifo_topic": false, + "firehose_failure_feedback_role_arn": "", + "firehose_success_feedback_role_arn": "", + "firehose_success_feedback_sample_rate": 0, + "http_failure_feedback_role_arn": "", + "http_success_feedback_role_arn": "", + "http_success_feedback_sample_rate": 0, + "id": "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-production", + "kms_master_key_id": "", + "lambda_failure_feedback_role_arn": "", + "lambda_success_feedback_role_arn": "", + "lambda_success_feedback_sample_rate": 0, + "name": "transfer-shoots-production", + "name_prefix": "", + "owner": "404315009621", + "policy": "{\"Id\":\"__default_policy_ID\",\"Statement\":[{\"Action\":[\"SNS:GetTopicAttributes\",\"SNS:SetTopicAttributes\",\"SNS:AddPermission\",\"SNS:RemovePermission\",\"SNS:DeleteTopic\",\"SNS:Subscribe\",\"SNS:ListSubscriptionsByTopic\",\"SNS:Publish\"],\"Condition\":{\"StringEquals\":{\"AWS:SourceOwner\":\"404315009621\"}},\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"*\"},\"Resource\":\"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-production\",\"Sid\":\"__default_statement_ID\"}],\"Version\":\"2008-10-17\"}", + "signature_version": 0, + "sqs_failure_feedback_role_arn": "", + "sqs_success_feedback_role_arn": "", + "sqs_success_feedback_sample_rate": 0, + "tags": {}, + "tags_all": {}, + "tracing_config": "" + }, + "sensitive_attributes": [], + "private": "bnVsbA==" + } + ] + }, + { + "module": "module.production_lambda.module.transfer_lambda", + "mode": "managed", + "type": "aws_iam_role_policy", + "name": "read_from_editorial_photography", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "lambda-role-editorial-photography-transfer-production:terraform-20240715141440672300000001", + "name": "terraform-20240715141440672300000001", + "name_prefix": "terraform-", + "policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Action\":[\"s3:GetObject\",\"s3:ListBucket\"],\"Effect\":\"Allow\",\"Resource\":\"arn:aws:s3:::wellcomecollection-editorial-photography\"}]}", + "role": "lambda-role-editorial-photography-transfer-production" + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.aws_iam_role.lambda", + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_iam_policy_document.lambda_assume_role" + ] + } + ] + }, + { + "module": "module.production_lambda.module.transfer_lambda", + "mode": "managed", + "type": "aws_iam_role_policy", + "name": "write_to_archivematica_transfer_source", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "lambda-role-editorial-photography-transfer-production:write_to_archivematica_transfer_source-production", + "name": "write_to_archivematica_transfer_source-production", + "name_prefix": "", + "policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Action\":\"s3:PutObject\",\"Effect\":\"Allow\",\"Resource\":\"arn:aws:s3:::wellcomecollection-archivematica-transfer-source/*\"}]}", + "role": "lambda-role-editorial-photography-transfer-production" + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.aws_iam_role.lambda", + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_iam_policy_document.lambda_assume_role" + ] + } + ] + }, + { + "module": "module.production_lambda.module.transfer_lambda.module.transfer_lambda", + "mode": "data", + "type": "aws_caller_identity", + "name": "account", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "account_id": "404315009621", + "arn": "arn:aws:sts::404315009621:assumed-role/digitisation-developer/aws-go-sdk-1721132709985310000", + "id": "404315009621", + "user_id": "AROAV4IYNOJKTCHJELIGZ:aws-go-sdk-1721132709985310000" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.production_lambda.module.transfer_lambda.module.transfer_lambda", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "lambda_assume_role", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "2690255455", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"lambda.amazonaws.com\"\n }\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Action\":\"sts:AssumeRole\",\"Principal\":{\"Service\":\"lambda.amazonaws.com\"}}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": null, + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "sts:AssumeRole" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [ + { + "identifiers": [ + "lambda.amazonaws.com" + ], + "type": "Service" + } + ], + "resources": [], + "sid": "" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.production_lambda.module.transfer_lambda.module.transfer_lambda", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "lambda_logging", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "3070120303", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": \"logs:CreateLogGroup\",\n \"Resource\": \"arn:aws:logs:region:404315009621:*\"\n },\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"logs:PutLogEvents\",\n \"logs:CreateLogStream\"\n ],\n \"Resource\": \"arn:aws:logs:eu-west-1:404315009621:log-group:/aws/lambda/editorial-photography-transfer-production:*\"\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Action\":\"logs:CreateLogGroup\",\"Resource\":\"arn:aws:logs:region:404315009621:*\"},{\"Effect\":\"Allow\",\"Action\":[\"logs:PutLogEvents\",\"logs:CreateLogStream\"],\"Resource\":\"arn:aws:logs:eu-west-1:404315009621:log-group:/aws/lambda/editorial-photography-transfer-production:*\"}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": null, + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "logs:CreateLogGroup" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [], + "resources": [ + "arn:aws:logs:region:404315009621:*" + ], + "sid": "" + }, + { + "actions": [ + "logs:CreateLogStream", + "logs:PutLogEvents" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [], + "resources": [ + "arn:aws:logs:eu-west-1:404315009621:log-group:/aws/lambda/editorial-photography-transfer-production:*" + ], + "sid": "" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.production_lambda.module.transfer_lambda.module.transfer_lambda", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "network_interface", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "2032075453", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ec2:DescribeNetworkInterfaces\",\n \"ec2:DeleteNetworkInterface\",\n \"ec2:CreateNetworkInterface\"\n ],\n \"Resource\": \"*\"\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Action\":[\"ec2:DescribeNetworkInterfaces\",\"ec2:DeleteNetworkInterface\",\"ec2:CreateNetworkInterface\"],\"Resource\":\"*\"}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": null, + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "ec2:CreateNetworkInterface", + "ec2:DeleteNetworkInterface", + "ec2:DescribeNetworkInterfaces" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [], + "resources": [ + "*" + ], + "sid": "" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.production_lambda.module.transfer_lambda.module.transfer_lambda", + "mode": "data", + "type": "aws_ssm_parameter", + "name": "log_destination", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:ssm:eu-west-1:404315009621:parameter/logging/forwarder/destination_arn", + "id": "/logging/forwarder/destination_arn", + "insecure_value": "arn:aws:logs:eu-west-1:760097843905:destination:elasticsearch-forwarder-logs", + "name": "/logging/forwarder/destination_arn", + "type": "String", + "value": "arn:aws:logs:eu-west-1:760097843905:destination:elasticsearch-forwarder-logs", + "version": 1, + "with_decryption": true + }, + "sensitive_attributes": [ + [ + { + "type": "get_attr", + "value": "value" + } + ] + ] + } + ] + }, + { + "module": "module.production_lambda.module.transfer_lambda.module.transfer_lambda", + "mode": "managed", + "type": "aws_cloudwatch_log_group", + "name": "lambda", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:logs:eu-west-1:404315009621:log-group:/aws/lambda/editorial-photography-transfer-production", + "id": "/aws/lambda/editorial-photography-transfer-production", + "kms_key_id": "", + "log_group_class": "STANDARD", + "name": "/aws/lambda/editorial-photography-transfer-production", + "name_prefix": "", + "retention_in_days": 1, + "skip_destroy": false, + "tags": {}, + "tags_all": {} + }, + "sensitive_attributes": [], + "private": "bnVsbA==" + } + ] + }, + { + "module": "module.production_lambda.module.transfer_lambda.module.transfer_lambda", + "mode": "managed", + "type": "aws_cloudwatch_log_subscription_filter", + "name": "kinesis", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": "lambda-logs-to-kinesis", + "schema_version": 0, + "attributes": { + "destination_arn": "arn:aws:logs:eu-west-1:760097843905:destination:elasticsearch-forwarder-logs", + "distribution": "ByLogStream", + "filter_pattern": "", + "id": "cwlsf-445002994", + "log_group_name": "/aws/lambda/editorial-photography-transfer-production", + "name": "lambda-logs-to-kinesis", + "role_arn": "" + }, + "sensitive_attributes": [ + [ + { + "type": "get_attr", + "value": "destination_arn" + } + ] + ], + "private": "bnVsbA==", + "dependencies": [ + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.aws_cloudwatch_log_group.lambda", + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_ssm_parameter.log_destination" + ] + } + ] + }, + { + "module": "module.production_lambda.module.transfer_lambda.module.transfer_lambda", + "mode": "managed", + "type": "aws_iam_policy", + "name": "lambda_logging", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:iam::404315009621:policy/lambda-logging-editorial-photography-transfer-production", + "attachment_count": 1, + "description": "Allow the editorial-photography-transfer-production Lambda to send logs to CloudWatch", + "id": "arn:aws:iam::404315009621:policy/lambda-logging-editorial-photography-transfer-production", + "name": "lambda-logging-editorial-photography-transfer-production", + "name_prefix": "", + "path": "/", + "policy": "{\"Statement\":[{\"Action\":\"logs:CreateLogGroup\",\"Effect\":\"Allow\",\"Resource\":\"arn:aws:logs:region:404315009621:*\"},{\"Action\":[\"logs:PutLogEvents\",\"logs:CreateLogStream\"],\"Effect\":\"Allow\",\"Resource\":\"arn:aws:logs:eu-west-1:404315009621:log-group:/aws/lambda/editorial-photography-transfer-production:*\"}],\"Version\":\"2012-10-17\"}", + "policy_id": "ANPAV4IYNOJKREQUT7Z66", + "tags": {}, + "tags_all": {} + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.aws_cloudwatch_log_group.lambda", + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_caller_identity.account", + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_iam_policy_document.lambda_logging" + ] + } + ] + }, + { + "module": "module.production_lambda.module.transfer_lambda.module.transfer_lambda", + "mode": "managed", + "type": "aws_iam_role", + "name": "lambda", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:iam::404315009621:role/lambda-role-editorial-photography-transfer-production", + "assume_role_policy": "{\"Statement\":[{\"Action\":\"sts:AssumeRole\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"lambda.amazonaws.com\"}}],\"Version\":\"2012-10-17\"}", + "create_date": "2024-07-15T14:14:40Z", + "description": "", + "force_detach_policies": false, + "id": "lambda-role-editorial-photography-transfer-production", + "inline_policy": [ + { + "name": "editorial-photography-production-pull-from-queue", + "policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Action\":[\"sqs:ReceiveMessage\",\"sqs:GetQueueAttributes\",\"sqs:DeleteMessage\"],\"Effect\":\"Allow\",\"Resource\":\"arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-production\"}]}" + }, + { + "name": "terraform-20240715141440672300000001", + "policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Action\":[\"s3:GetObject\",\"s3:ListBucket\"],\"Effect\":\"Allow\",\"Resource\":\"arn:aws:s3:::wellcomecollection-editorial-photography\"}]}" + }, + { + "name": "write_to_archivematica_transfer_source-production", + "policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Action\":\"s3:PutObject\",\"Effect\":\"Allow\",\"Resource\":\"arn:aws:s3:::wellcomecollection-archivematica-transfer-source/*\"}]}" + } + ], + "managed_policy_arns": [ + "arn:aws:iam::404315009621:policy/lambda-logging-editorial-photography-transfer-production" + ], + "max_session_duration": 3600, + "name": "lambda-role-editorial-photography-transfer-production", + "name_prefix": "", + "path": "/", + "permissions_boundary": "", + "tags": {}, + "tags_all": {}, + "unique_id": "AROAV4IYNOJKZW7JWPDCL" + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_iam_policy_document.lambda_assume_role" + ] + } + ] + }, + { + "module": "module.production_lambda.module.transfer_lambda.module.transfer_lambda", + "mode": "managed", + "type": "aws_iam_role_policy_attachment", + "name": "lambda_logging", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "lambda-role-editorial-photography-transfer-production-20240715141441102300000003", + "policy_arn": "arn:aws:iam::404315009621:policy/lambda-logging-editorial-photography-transfer-production", + "role": "lambda-role-editorial-photography-transfer-production" + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.aws_cloudwatch_log_group.lambda", + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.aws_iam_policy.lambda_logging", + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.aws_iam_role.lambda", + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_caller_identity.account", + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_iam_policy_document.lambda_assume_role", + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_iam_policy_document.lambda_logging" + ] + } + ] + }, + { + "module": "module.production_lambda.module.transfer_lambda.module.transfer_lambda", + "mode": "managed", + "type": "aws_lambda_function", + "name": "main", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "architectures": [ + "x86_64" + ], + "arn": "arn:aws:lambda:eu-west-1:404315009621:function:editorial-photography-transfer-production", + "code_sha256": "6+Zdzy6IxAzcFVue7NkJR09+ZcqmMSfKPH7F4WsrtMU=", + "code_signing_config_arn": "", + "dead_letter_config": [], + "description": "", + "environment": [ + { + "variables": { + "ACCESSION_NUMBER": "2754", + "TARGET_BUCKET": "wellcomecollection-archivematica-transfer-source" + } + } + ], + "ephemeral_storage": [ + { + "size": 512 + } + ], + "file_system_config": [], + "filename": "./lambda.zip", + "function_name": "editorial-photography-transfer-production", + "handler": "lambda_function.lambda_handler", + "id": "editorial-photography-transfer-production", + "image_config": [], + "image_uri": "", + "invoke_arn": "arn:aws:apigateway:eu-west-1:lambda:path/2015-03-31/functions/arn:aws:lambda:eu-west-1:404315009621:function:editorial-photography-transfer-production/invocations", + "kms_key_arn": "", + "last_modified": "2024-07-16T12:25:54.000+0000", + "layers": [], + "logging_config": [ + { + "application_log_level": "", + "log_format": "Text", + "log_group": "/aws/lambda/editorial-photography-transfer-production", + "system_log_level": "" + } + ], + "memory_size": 512, + "package_type": "Zip", + "publish": false, + "qualified_arn": "arn:aws:lambda:eu-west-1:404315009621:function:editorial-photography-transfer-production:$LATEST", + "qualified_invoke_arn": "arn:aws:apigateway:eu-west-1:lambda:path/2015-03-31/functions/arn:aws:lambda:eu-west-1:404315009621:function:editorial-photography-transfer-production:$LATEST/invocations", + "replace_security_groups_on_destroy": null, + "replacement_security_group_ids": null, + "reserved_concurrent_executions": -1, + "role": "arn:aws:iam::404315009621:role/lambda-role-editorial-photography-transfer-production", + "runtime": "python3.12", + "s3_bucket": null, + "s3_key": null, + "s3_object_version": null, + "signing_job_arn": "", + "signing_profile_version_arn": "", + "skip_destroy": false, + "snap_start": [], + "source_code_hash": "6+Zdzy6IxAzcFVue7NkJR09+ZcqmMSfKPH7F4WsrtMU=", + "source_code_size": 29824, + "tags": {}, + "tags_all": {}, + "timeout": 120, + "timeouts": null, + "tracing_config": [ + { + "mode": "PassThrough" + } + ], + "version": "$LATEST", + "vpc_config": [] + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19", + "dependencies": [ + "data.archive_file.lambda_zip", + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.aws_iam_role.lambda", + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_iam_policy_document.lambda_assume_role" + ] + } + ] + }, + { + "module": "module.production_lambda.module.trigger", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "allow_sqs_pull", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "2608286902", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"sqs:ReceiveMessage\",\n \"sqs:GetQueueAttributes\",\n \"sqs:DeleteMessage\"\n ],\n \"Resource\": \"arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-production\"\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Action\":[\"sqs:ReceiveMessage\",\"sqs:GetQueueAttributes\",\"sqs:DeleteMessage\"],\"Resource\":\"arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-production\"}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": null, + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "sqs:DeleteMessage", + "sqs:GetQueueAttributes", + "sqs:ReceiveMessage" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [], + "resources": [ + "arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-production" + ], + "sid": "" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.production_lambda.module.trigger", + "mode": "managed", + "type": "aws_iam_role_policy", + "name": "allow_sqs_pull", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "lambda-role-editorial-photography-transfer-production:editorial-photography-production-pull-from-queue", + "name": "editorial-photography-production-pull-from-queue", + "name_prefix": "", + "policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Action\":[\"sqs:ReceiveMessage\",\"sqs:GetQueueAttributes\",\"sqs:DeleteMessage\"],\"Effect\":\"Allow\",\"Resource\":\"arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-production\"}]}", + "role": "lambda-role-editorial-photography-transfer-production" + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.production_lambda.module.input_queue.module.input_queue.aws_sqs_queue.dlq", + "module.production_lambda.module.input_queue.module.input_queue.aws_sqs_queue.q", + "module.production_lambda.module.input_queue.module.input_queue.data.aws_caller_identity.current", + "module.production_lambda.module.input_queue.module.input_queue.data.aws_iam_policy_document.write_to_queue", + "module.production_lambda.module.input_queue.module.input_queue.data.aws_region.current", + "module.production_lambda.module.input_queue.module.transfer_shoots_topic.aws_sns_topic.topic", + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.aws_iam_role.lambda", + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_iam_policy_document.lambda_assume_role", + "module.production_lambda.module.trigger.data.aws_iam_policy_document.allow_sqs_pull" + ] + } + ] + }, + { + "module": "module.production_lambda.module.trigger", + "mode": "managed", + "type": "aws_lambda_event_source_mapping", + "name": "lambda_trigger", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "amazon_managed_kafka_event_source_config": [], + "batch_size": 1, + "bisect_batch_on_function_error": false, + "destination_config": [], + "document_db_event_source_config": [], + "enabled": true, + "event_source_arn": "arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-production", + "filter_criteria": [], + "function_arn": "arn:aws:lambda:eu-west-1:404315009621:function:editorial-photography-transfer-production", + "function_name": "arn:aws:lambda:eu-west-1:404315009621:function:editorial-photography-transfer-production", + "function_response_types": [], + "id": "5b4798fd-d285-4dd4-b065-e5d735743e66", + "last_modified": "2024-07-15T14:26:13Z", + "last_processing_result": "", + "maximum_batching_window_in_seconds": 0, + "maximum_record_age_in_seconds": 0, + "maximum_retry_attempts": 0, + "parallelization_factor": 0, + "queues": [], + "scaling_config": [], + "self_managed_event_source": [], + "self_managed_kafka_event_source_config": [], + "source_access_configuration": [], + "starting_position": "", + "starting_position_timestamp": "", + "state": "Enabled", + "state_transition_reason": "USER_INITIATED", + "topics": [], + "tumbling_window_in_seconds": 0, + "uuid": "5b4798fd-d285-4dd4-b065-e5d735743e66" + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "data.archive_file.lambda_zip", + "module.production_lambda.module.input_queue.module.input_queue.aws_sqs_queue.dlq", + "module.production_lambda.module.input_queue.module.input_queue.aws_sqs_queue.q", + "module.production_lambda.module.input_queue.module.input_queue.data.aws_caller_identity.current", + "module.production_lambda.module.input_queue.module.input_queue.data.aws_iam_policy_document.write_to_queue", + "module.production_lambda.module.input_queue.module.input_queue.data.aws_region.current", + "module.production_lambda.module.input_queue.module.transfer_shoots_topic.aws_sns_topic.topic", + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.aws_iam_role.lambda", + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.aws_lambda_function.main", + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_iam_policy_document.lambda_assume_role" + ] + } + ] + }, + { + "module": "module.production_lambda.module.trigger", + "mode": "managed", + "type": "aws_lambda_permission", + "name": "allow_lambda_sqs_trigger", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "action": "lambda:InvokeFunction", + "event_source_token": null, + "function_name": "editorial-photography-transfer-production", + "function_url_auth_type": null, + "id": "terraform-20240715141530727400000006", + "principal": "sqs.amazonaws.com", + "principal_org_id": null, + "qualifier": "", + "source_account": null, + "source_arn": "arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-production", + "statement_id": "terraform-20240715141530727400000006", + "statement_id_prefix": "terraform-" + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "data.archive_file.lambda_zip", + "module.production_lambda.module.input_queue.module.input_queue.aws_sqs_queue.dlq", + "module.production_lambda.module.input_queue.module.input_queue.aws_sqs_queue.q", + "module.production_lambda.module.input_queue.module.input_queue.data.aws_caller_identity.current", + "module.production_lambda.module.input_queue.module.input_queue.data.aws_iam_policy_document.write_to_queue", + "module.production_lambda.module.input_queue.module.input_queue.data.aws_region.current", + "module.production_lambda.module.input_queue.module.transfer_shoots_topic.aws_sns_topic.topic", + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.aws_iam_role.lambda", + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.aws_lambda_function.main", + "module.production_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_iam_policy_document.lambda_assume_role" + ] + } + ] + }, + { + "module": "module.staging_lambda.module.input_queue.module.dlq_alarm_topic", + "mode": "data", + "type": "aws_caller_identity", + "name": "current", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "account_id": "404315009621", + "arn": "arn:aws:sts::404315009621:assumed-role/digitisation-developer/aws-go-sdk-1721132709985310000", + "id": "404315009621", + "user_id": "AROAV4IYNOJKTCHJELIGZ:aws-go-sdk-1721132709985310000" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.staging_lambda.module.input_queue.module.dlq_alarm_topic", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "cross_account_sns_topic_policy", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "933436621", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Id\": \"__default_policy_ID\",\n \"Statement\": [\n {\n \"Sid\": \"__default_statement_ID\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"SNS:Subscribe\",\n \"SNS:SetTopicAttributes\",\n \"SNS:RemovePermission\",\n \"SNS:Receive\",\n \"SNS:Publish\",\n \"SNS:ListSubscriptionsByTopic\",\n \"SNS:GetTopicAttributes\",\n \"SNS:DeleteTopic\",\n \"SNS:AddPermission\"\n ],\n \"Resource\": \"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-staging\",\n \"Principal\": {\n \"AWS\": \"*\"\n },\n \"Condition\": {\n \"StringEquals\": {\n \"AWS:SourceOwner\": \"404315009621\"\n }\n }\n },\n {\n \"Sid\": \"ReportingAccess\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"SNS:Subscribe\",\n \"SNS:SetTopicAttributes\",\n \"SNS:Receive\",\n \"SNS:ListSubscriptionsByTopic\",\n \"SNS:GetTopicAttributes\"\n ],\n \"Resource\": \"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-staging\",\n \"Principal\": {\n \"AWS\": []\n }\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Id\":\"__default_policy_ID\",\"Statement\":[{\"Sid\":\"__default_statement_ID\",\"Effect\":\"Allow\",\"Action\":[\"SNS:Subscribe\",\"SNS:SetTopicAttributes\",\"SNS:RemovePermission\",\"SNS:Receive\",\"SNS:Publish\",\"SNS:ListSubscriptionsByTopic\",\"SNS:GetTopicAttributes\",\"SNS:DeleteTopic\",\"SNS:AddPermission\"],\"Resource\":\"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-staging\",\"Principal\":{\"AWS\":\"*\"},\"Condition\":{\"StringEquals\":{\"AWS:SourceOwner\":\"404315009621\"}}},{\"Sid\":\"ReportingAccess\",\"Effect\":\"Allow\",\"Action\":[\"SNS:Subscribe\",\"SNS:SetTopicAttributes\",\"SNS:Receive\",\"SNS:ListSubscriptionsByTopic\",\"SNS:GetTopicAttributes\"],\"Resource\":\"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-staging\",\"Principal\":{\"AWS\":[]}}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": "__default_policy_ID", + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "SNS:AddPermission", + "SNS:DeleteTopic", + "SNS:GetTopicAttributes", + "SNS:ListSubscriptionsByTopic", + "SNS:Publish", + "SNS:Receive", + "SNS:RemovePermission", + "SNS:SetTopicAttributes", + "SNS:Subscribe" + ], + "condition": [ + { + "test": "StringEquals", + "values": [ + "404315009621" + ], + "variable": "AWS:SourceOwner" + } + ], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [ + { + "identifiers": [ + "*" + ], + "type": "AWS" + } + ], + "resources": [ + "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-staging" + ], + "sid": "__default_statement_ID" + }, + { + "actions": [ + "SNS:GetTopicAttributes", + "SNS:ListSubscriptionsByTopic", + "SNS:Receive", + "SNS:SetTopicAttributes", + "SNS:Subscribe" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [ + { + "identifiers": [], + "type": "AWS" + } + ], + "resources": [ + "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-staging" + ], + "sid": "ReportingAccess" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.staging_lambda.module.input_queue.module.dlq_alarm_topic", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "publish_to_topic", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "2847489774", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": \"sns:Publish\",\n \"Resource\": \"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-staging\"\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Action\":\"sns:Publish\",\"Resource\":\"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-staging\"}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": null, + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "sns:Publish" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [], + "resources": [ + "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-staging" + ], + "sid": "" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.staging_lambda.module.input_queue.module.dlq_alarm_topic", + "mode": "managed", + "type": "aws_sns_topic", + "name": "topic", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "application_failure_feedback_role_arn": "", + "application_success_feedback_role_arn": "", + "application_success_feedback_sample_rate": 0, + "archive_policy": "", + "arn": "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-staging", + "beginning_archive_time": "", + "content_based_deduplication": false, + "delivery_policy": "", + "display_name": "", + "fifo_topic": false, + "firehose_failure_feedback_role_arn": "", + "firehose_success_feedback_role_arn": "", + "firehose_success_feedback_sample_rate": 0, + "http_failure_feedback_role_arn": "", + "http_success_feedback_role_arn": "", + "http_success_feedback_sample_rate": 0, + "id": "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-staging", + "kms_master_key_id": "", + "lambda_failure_feedback_role_arn": "", + "lambda_success_feedback_role_arn": "", + "lambda_success_feedback_sample_rate": 0, + "name": "transfer-shoots-alarm-staging", + "name_prefix": "", + "owner": "404315009621", + "policy": "{\"Id\":\"__default_policy_ID\",\"Statement\":[{\"Action\":[\"SNS:GetTopicAttributes\",\"SNS:SetTopicAttributes\",\"SNS:AddPermission\",\"SNS:RemovePermission\",\"SNS:DeleteTopic\",\"SNS:Subscribe\",\"SNS:ListSubscriptionsByTopic\",\"SNS:Publish\"],\"Condition\":{\"StringEquals\":{\"AWS:SourceOwner\":\"404315009621\"}},\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"*\"},\"Resource\":\"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-staging\",\"Sid\":\"__default_statement_ID\"}],\"Version\":\"2008-10-17\"}", + "signature_version": 0, + "sqs_failure_feedback_role_arn": "", + "sqs_success_feedback_role_arn": "", + "sqs_success_feedback_sample_rate": 0, + "tags": {}, + "tags_all": {}, + "tracing_config": "" + }, + "sensitive_attributes": [], + "private": "bnVsbA==" + } + ] + }, + { + "module": "module.staging_lambda.module.input_queue.module.input_queue", + "mode": "data", + "type": "aws_caller_identity", + "name": "current", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "account_id": "404315009621", + "arn": "arn:aws:sts::404315009621:assumed-role/digitisation-developer/aws-go-sdk-1721132709985310000", + "id": "404315009621", + "user_id": "AROAV4IYNOJKTCHJELIGZ:aws-go-sdk-1721132709985310000" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.staging_lambda.module.input_queue.module.input_queue", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "read_from_queue", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "1466361473", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"sqs:ReceiveMessage\",\n \"sqs:DeleteMessage\",\n \"sqs:ChangeMessageVisibilityBatch\",\n \"sqs:ChangeMessageVisibility\"\n ],\n \"Resource\": \"arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-staging\"\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Action\":[\"sqs:ReceiveMessage\",\"sqs:DeleteMessage\",\"sqs:ChangeMessageVisibilityBatch\",\"sqs:ChangeMessageVisibility\"],\"Resource\":\"arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-staging\"}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": null, + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "sqs:ChangeMessageVisibility", + "sqs:ChangeMessageVisibilityBatch", + "sqs:DeleteMessage", + "sqs:ReceiveMessage" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [], + "resources": [ + "arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-staging" + ], + "sid": "" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.staging_lambda.module.input_queue.module.input_queue", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "write_to_queue", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "1273799732", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"es-sns-to-sqs-policy\",\n \"Effect\": \"Allow\",\n \"Action\": \"sqs:SendMessage\",\n \"Resource\": \"arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-staging\",\n \"Principal\": {\n \"AWS\": \"*\"\n },\n \"Condition\": {\n \"ArnEquals\": {\n \"aws:SourceArn\": \"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-staging\"\n }\n }\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"es-sns-to-sqs-policy\",\"Effect\":\"Allow\",\"Action\":\"sqs:SendMessage\",\"Resource\":\"arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-staging\",\"Principal\":{\"AWS\":\"*\"},\"Condition\":{\"ArnEquals\":{\"aws:SourceArn\":\"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-staging\"}}}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": null, + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "sqs:SendMessage" + ], + "condition": [ + { + "test": "ArnEquals", + "values": [ + "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-staging" + ], + "variable": "aws:SourceArn" + } + ], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [ + { + "identifiers": [ + "*" + ], + "type": "AWS" + } + ], + "resources": [ + "arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-staging" + ], + "sid": "es-sns-to-sqs-policy" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.staging_lambda.module.input_queue.module.input_queue", + "mode": "data", + "type": "aws_region", + "name": "current", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "description": "Europe (Ireland)", + "endpoint": "ec2.eu-west-1.amazonaws.com", + "id": "eu-west-1", + "name": "eu-west-1" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.staging_lambda.module.input_queue.module.input_queue", + "mode": "managed", + "type": "aws_cloudwatch_metric_alarm", + "name": "dlq_not_empty", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 1, + "attributes": { + "actions_enabled": true, + "alarm_actions": [ + "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-alarm-staging" + ], + "alarm_description": "", + "alarm_name": "transfer-shoots-staging_dlq_not_empty", + "arn": "arn:aws:cloudwatch:eu-west-1:404315009621:alarm:transfer-shoots-staging_dlq_not_empty", + "comparison_operator": "GreaterThanThreshold", + "datapoints_to_alarm": 0, + "dimensions": { + "QueueName": "transfer-shoots-staging_dlq" + }, + "evaluate_low_sample_count_percentiles": "", + "evaluation_periods": 1, + "extended_statistic": "", + "id": "transfer-shoots-staging_dlq_not_empty", + "insufficient_data_actions": [], + "metric_name": "ApproximateNumberOfMessagesVisible", + "metric_query": [], + "namespace": "AWS/SQS", + "ok_actions": [], + "period": 60, + "statistic": "Average", + "tags": {}, + "tags_all": {}, + "threshold": 0, + "threshold_metric_id": "", + "treat_missing_data": "missing", + "unit": "" + }, + "sensitive_attributes": [], + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjEifQ==", + "dependencies": [ + "module.staging_lambda.module.input_queue.module.dlq_alarm_topic.aws_sns_topic.topic", + "module.staging_lambda.module.input_queue.module.input_queue.aws_sqs_queue.dlq" + ] + } + ] + }, + { + "module": "module.staging_lambda.module.input_queue.module.input_queue", + "mode": "managed", + "type": "aws_sns_topic_subscription", + "name": "sns_topic", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "arn": "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-staging:67cf1855-0bee-491c-a9ef-d21c48490347", + "confirmation_timeout_in_minutes": 1, + "confirmation_was_authenticated": true, + "delivery_policy": "", + "endpoint": "arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-staging", + "endpoint_auto_confirms": false, + "filter_policy": "", + "filter_policy_scope": "", + "id": "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-staging:67cf1855-0bee-491c-a9ef-d21c48490347", + "owner_id": "404315009621", + "pending_confirmation": false, + "protocol": "sqs", + "raw_message_delivery": false, + "redrive_policy": "", + "replay_policy": "", + "subscription_role_arn": "", + "topic_arn": "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-staging" + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.staging_lambda.module.input_queue.module.input_queue.aws_sqs_queue.dlq", + "module.staging_lambda.module.input_queue.module.input_queue.aws_sqs_queue.q", + "module.staging_lambda.module.input_queue.module.input_queue.data.aws_caller_identity.current", + "module.staging_lambda.module.input_queue.module.input_queue.data.aws_iam_policy_document.write_to_queue", + "module.staging_lambda.module.input_queue.module.input_queue.data.aws_region.current", + "module.staging_lambda.module.input_queue.module.transfer_shoots_topic.aws_sns_topic.topic" + ] + } + ] + }, + { + "module": "module.staging_lambda.module.input_queue.module.input_queue", + "mode": "managed", + "type": "aws_sqs_queue", + "name": "dlq", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-staging_dlq", + "content_based_deduplication": false, + "deduplication_scope": "", + "delay_seconds": 0, + "fifo_queue": false, + "fifo_throughput_limit": "", + "id": "https://sqs.eu-west-1.amazonaws.com/404315009621/transfer-shoots-staging_dlq", + "kms_data_key_reuse_period_seconds": 300, + "kms_master_key_id": "", + "max_message_size": 262144, + "message_retention_seconds": 345600, + "name": "transfer-shoots-staging_dlq", + "name_prefix": "", + "policy": "", + "receive_wait_time_seconds": 0, + "redrive_allow_policy": "", + "redrive_policy": "", + "sqs_managed_sse_enabled": true, + "tags": {}, + "tags_all": {}, + "url": "https://sqs.eu-west-1.amazonaws.com/404315009621/transfer-shoots-staging_dlq", + "visibility_timeout_seconds": 30 + }, + "sensitive_attributes": [], + "private": "bnVsbA==" + } + ] + }, + { + "module": "module.staging_lambda.module.input_queue.module.input_queue", + "mode": "managed", + "type": "aws_sqs_queue", + "name": "q", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-staging", + "content_based_deduplication": false, + "deduplication_scope": "", + "delay_seconds": 0, + "fifo_queue": false, + "fifo_throughput_limit": "", + "id": "https://sqs.eu-west-1.amazonaws.com/404315009621/transfer-shoots-staging", + "kms_data_key_reuse_period_seconds": 300, + "kms_master_key_id": "", + "max_message_size": 262144, + "message_retention_seconds": 1200, + "name": "transfer-shoots-staging", + "name_prefix": "", + "policy": "{\"Statement\":[{\"Action\":\"sqs:SendMessage\",\"Condition\":{\"ArnEquals\":{\"aws:SourceArn\":\"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-staging\"}},\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"*\"},\"Resource\":\"arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-staging\",\"Sid\":\"es-sns-to-sqs-policy\"}],\"Version\":\"2012-10-17\"}", + "receive_wait_time_seconds": 0, + "redrive_allow_policy": "", + "redrive_policy": "{\"deadLetterTargetArn\":\"arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-staging_dlq\",\"maxReceiveCount\":1}", + "sqs_managed_sse_enabled": true, + "tags": {}, + "tags_all": {}, + "url": "https://sqs.eu-west-1.amazonaws.com/404315009621/transfer-shoots-staging", + "visibility_timeout_seconds": 160 + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.staging_lambda.module.input_queue.module.input_queue.aws_sqs_queue.dlq", + "module.staging_lambda.module.input_queue.module.input_queue.data.aws_caller_identity.current", + "module.staging_lambda.module.input_queue.module.input_queue.data.aws_iam_policy_document.write_to_queue", + "module.staging_lambda.module.input_queue.module.input_queue.data.aws_region.current", + "module.staging_lambda.module.input_queue.module.transfer_shoots_topic.aws_sns_topic.topic" + ] + } + ] + }, + { + "module": "module.staging_lambda.module.input_queue.module.transfer_shoots_topic", + "mode": "data", + "type": "aws_caller_identity", + "name": "current", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "account_id": "404315009621", + "arn": "arn:aws:sts::404315009621:assumed-role/digitisation-developer/aws-go-sdk-1721132709985310000", + "id": "404315009621", + "user_id": "AROAV4IYNOJKTCHJELIGZ:aws-go-sdk-1721132709985310000" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.staging_lambda.module.input_queue.module.transfer_shoots_topic", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "cross_account_sns_topic_policy", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "4080321813", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Id\": \"__default_policy_ID\",\n \"Statement\": [\n {\n \"Sid\": \"__default_statement_ID\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"SNS:Subscribe\",\n \"SNS:SetTopicAttributes\",\n \"SNS:RemovePermission\",\n \"SNS:Receive\",\n \"SNS:Publish\",\n \"SNS:ListSubscriptionsByTopic\",\n \"SNS:GetTopicAttributes\",\n \"SNS:DeleteTopic\",\n \"SNS:AddPermission\"\n ],\n \"Resource\": \"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-staging\",\n \"Principal\": {\n \"AWS\": \"*\"\n },\n \"Condition\": {\n \"StringEquals\": {\n \"AWS:SourceOwner\": \"404315009621\"\n }\n }\n },\n {\n \"Sid\": \"ReportingAccess\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"SNS:Subscribe\",\n \"SNS:SetTopicAttributes\",\n \"SNS:Receive\",\n \"SNS:ListSubscriptionsByTopic\",\n \"SNS:GetTopicAttributes\"\n ],\n \"Resource\": \"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-staging\",\n \"Principal\": {\n \"AWS\": []\n }\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Id\":\"__default_policy_ID\",\"Statement\":[{\"Sid\":\"__default_statement_ID\",\"Effect\":\"Allow\",\"Action\":[\"SNS:Subscribe\",\"SNS:SetTopicAttributes\",\"SNS:RemovePermission\",\"SNS:Receive\",\"SNS:Publish\",\"SNS:ListSubscriptionsByTopic\",\"SNS:GetTopicAttributes\",\"SNS:DeleteTopic\",\"SNS:AddPermission\"],\"Resource\":\"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-staging\",\"Principal\":{\"AWS\":\"*\"},\"Condition\":{\"StringEquals\":{\"AWS:SourceOwner\":\"404315009621\"}}},{\"Sid\":\"ReportingAccess\",\"Effect\":\"Allow\",\"Action\":[\"SNS:Subscribe\",\"SNS:SetTopicAttributes\",\"SNS:Receive\",\"SNS:ListSubscriptionsByTopic\",\"SNS:GetTopicAttributes\"],\"Resource\":\"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-staging\",\"Principal\":{\"AWS\":[]}}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": "__default_policy_ID", + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "SNS:AddPermission", + "SNS:DeleteTopic", + "SNS:GetTopicAttributes", + "SNS:ListSubscriptionsByTopic", + "SNS:Publish", + "SNS:Receive", + "SNS:RemovePermission", + "SNS:SetTopicAttributes", + "SNS:Subscribe" + ], + "condition": [ + { + "test": "StringEquals", + "values": [ + "404315009621" + ], + "variable": "AWS:SourceOwner" + } + ], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [ + { + "identifiers": [ + "*" + ], + "type": "AWS" + } + ], + "resources": [ + "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-staging" + ], + "sid": "__default_statement_ID" + }, + { + "actions": [ + "SNS:GetTopicAttributes", + "SNS:ListSubscriptionsByTopic", + "SNS:Receive", + "SNS:SetTopicAttributes", + "SNS:Subscribe" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [ + { + "identifiers": [], + "type": "AWS" + } + ], + "resources": [ + "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-staging" + ], + "sid": "ReportingAccess" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.staging_lambda.module.input_queue.module.transfer_shoots_topic", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "publish_to_topic", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "967876800", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": \"sns:Publish\",\n \"Resource\": \"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-staging\"\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Action\":\"sns:Publish\",\"Resource\":\"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-staging\"}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": null, + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "sns:Publish" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [], + "resources": [ + "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-staging" + ], + "sid": "" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.staging_lambda.module.input_queue.module.transfer_shoots_topic", + "mode": "managed", + "type": "aws_sns_topic", + "name": "topic", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "application_failure_feedback_role_arn": "", + "application_success_feedback_role_arn": "", + "application_success_feedback_sample_rate": 0, + "archive_policy": "", + "arn": "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-staging", + "beginning_archive_time": "", + "content_based_deduplication": false, + "delivery_policy": "", + "display_name": "", + "fifo_topic": false, + "firehose_failure_feedback_role_arn": "", + "firehose_success_feedback_role_arn": "", + "firehose_success_feedback_sample_rate": 0, + "http_failure_feedback_role_arn": "", + "http_success_feedback_role_arn": "", + "http_success_feedback_sample_rate": 0, + "id": "arn:aws:sns:eu-west-1:404315009621:transfer-shoots-staging", + "kms_master_key_id": "", + "lambda_failure_feedback_role_arn": "", + "lambda_success_feedback_role_arn": "", + "lambda_success_feedback_sample_rate": 0, + "name": "transfer-shoots-staging", + "name_prefix": "", + "owner": "404315009621", + "policy": "{\"Id\":\"__default_policy_ID\",\"Statement\":[{\"Action\":[\"SNS:GetTopicAttributes\",\"SNS:SetTopicAttributes\",\"SNS:AddPermission\",\"SNS:RemovePermission\",\"SNS:DeleteTopic\",\"SNS:Subscribe\",\"SNS:ListSubscriptionsByTopic\",\"SNS:Publish\"],\"Condition\":{\"StringEquals\":{\"AWS:SourceOwner\":\"404315009621\"}},\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"*\"},\"Resource\":\"arn:aws:sns:eu-west-1:404315009621:transfer-shoots-staging\",\"Sid\":\"__default_statement_ID\"}],\"Version\":\"2008-10-17\"}", + "signature_version": 0, + "sqs_failure_feedback_role_arn": "", + "sqs_success_feedback_role_arn": "", + "sqs_success_feedback_sample_rate": 0, + "tags": {}, + "tags_all": {}, + "tracing_config": "" + }, + "sensitive_attributes": [], + "private": "bnVsbA==" + } + ] + }, + { + "module": "module.staging_lambda.module.transfer_lambda", + "mode": "managed", + "type": "aws_iam_role_policy", + "name": "read_from_editorial_photography", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "lambda-role-editorial-photography-transfer-staging:terraform-20240715141440702200000002", + "name": "terraform-20240715141440702200000002", + "name_prefix": "terraform-", + "policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Action\":[\"s3:GetObject\",\"s3:ListBucket\"],\"Effect\":\"Allow\",\"Resource\":\"arn:aws:s3:::wellcomecollection-editorial-photography\"}]}", + "role": "lambda-role-editorial-photography-transfer-staging" + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.aws_iam_role.lambda", + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_iam_policy_document.lambda_assume_role" + ] + } + ] + }, + { + "module": "module.staging_lambda.module.transfer_lambda", + "mode": "managed", + "type": "aws_iam_role_policy", + "name": "write_to_archivematica_transfer_source", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "lambda-role-editorial-photography-transfer-staging:write_to_archivematica_transfer_source-staging", + "name": "write_to_archivematica_transfer_source-staging", + "name_prefix": "", + "policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Action\":\"s3:PutObject\",\"Effect\":\"Allow\",\"Resource\":\"arn:aws:s3:::wellcomecollection-archivematica-staging-transfer-source/*\"}]}", + "role": "lambda-role-editorial-photography-transfer-staging" + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.aws_iam_role.lambda", + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_iam_policy_document.lambda_assume_role" + ] + } + ] + }, + { + "module": "module.staging_lambda.module.transfer_lambda.module.transfer_lambda", + "mode": "data", + "type": "aws_caller_identity", + "name": "account", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "account_id": "404315009621", + "arn": "arn:aws:sts::404315009621:assumed-role/digitisation-developer/aws-go-sdk-1721132709985310000", + "id": "404315009621", + "user_id": "AROAV4IYNOJKTCHJELIGZ:aws-go-sdk-1721132709985310000" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.staging_lambda.module.transfer_lambda.module.transfer_lambda", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "lambda_assume_role", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "2690255455", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"lambda.amazonaws.com\"\n }\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Action\":\"sts:AssumeRole\",\"Principal\":{\"Service\":\"lambda.amazonaws.com\"}}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": null, + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "sts:AssumeRole" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [ + { + "identifiers": [ + "lambda.amazonaws.com" + ], + "type": "Service" + } + ], + "resources": [], + "sid": "" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.staging_lambda.module.transfer_lambda.module.transfer_lambda", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "lambda_logging", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "869309412", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": \"logs:CreateLogGroup\",\n \"Resource\": \"arn:aws:logs:region:404315009621:*\"\n },\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"logs:PutLogEvents\",\n \"logs:CreateLogStream\"\n ],\n \"Resource\": \"arn:aws:logs:eu-west-1:404315009621:log-group:/aws/lambda/editorial-photography-transfer-staging:*\"\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Action\":\"logs:CreateLogGroup\",\"Resource\":\"arn:aws:logs:region:404315009621:*\"},{\"Effect\":\"Allow\",\"Action\":[\"logs:PutLogEvents\",\"logs:CreateLogStream\"],\"Resource\":\"arn:aws:logs:eu-west-1:404315009621:log-group:/aws/lambda/editorial-photography-transfer-staging:*\"}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": null, + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "logs:CreateLogGroup" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [], + "resources": [ + "arn:aws:logs:region:404315009621:*" + ], + "sid": "" + }, + { + "actions": [ + "logs:CreateLogStream", + "logs:PutLogEvents" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [], + "resources": [ + "arn:aws:logs:eu-west-1:404315009621:log-group:/aws/lambda/editorial-photography-transfer-staging:*" + ], + "sid": "" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.staging_lambda.module.transfer_lambda.module.transfer_lambda", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "network_interface", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "2032075453", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ec2:DescribeNetworkInterfaces\",\n \"ec2:DeleteNetworkInterface\",\n \"ec2:CreateNetworkInterface\"\n ],\n \"Resource\": \"*\"\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Action\":[\"ec2:DescribeNetworkInterfaces\",\"ec2:DeleteNetworkInterface\",\"ec2:CreateNetworkInterface\"],\"Resource\":\"*\"}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": null, + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "ec2:CreateNetworkInterface", + "ec2:DeleteNetworkInterface", + "ec2:DescribeNetworkInterfaces" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [], + "resources": [ + "*" + ], + "sid": "" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.staging_lambda.module.transfer_lambda.module.transfer_lambda", + "mode": "data", + "type": "aws_ssm_parameter", + "name": "log_destination", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:ssm:eu-west-1:404315009621:parameter/logging/forwarder/destination_arn", + "id": "/logging/forwarder/destination_arn", + "insecure_value": "arn:aws:logs:eu-west-1:760097843905:destination:elasticsearch-forwarder-logs", + "name": "/logging/forwarder/destination_arn", + "type": "String", + "value": "arn:aws:logs:eu-west-1:760097843905:destination:elasticsearch-forwarder-logs", + "version": 1, + "with_decryption": true + }, + "sensitive_attributes": [ + [ + { + "type": "get_attr", + "value": "value" + } + ] + ] + } + ] + }, + { + "module": "module.staging_lambda.module.transfer_lambda.module.transfer_lambda", + "mode": "managed", + "type": "aws_cloudwatch_log_group", + "name": "lambda", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:logs:eu-west-1:404315009621:log-group:/aws/lambda/editorial-photography-transfer-staging", + "id": "/aws/lambda/editorial-photography-transfer-staging", + "kms_key_id": "", + "log_group_class": "STANDARD", + "name": "/aws/lambda/editorial-photography-transfer-staging", + "name_prefix": "", + "retention_in_days": 1, + "skip_destroy": false, + "tags": {}, + "tags_all": {} + }, + "sensitive_attributes": [], + "private": "bnVsbA==" + } + ] + }, + { + "module": "module.staging_lambda.module.transfer_lambda.module.transfer_lambda", + "mode": "managed", + "type": "aws_cloudwatch_log_subscription_filter", + "name": "kinesis", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": "lambda-logs-to-kinesis", + "schema_version": 0, + "attributes": { + "destination_arn": "arn:aws:logs:eu-west-1:760097843905:destination:elasticsearch-forwarder-logs", + "distribution": "ByLogStream", + "filter_pattern": "", + "id": "cwlsf-2562960117", + "log_group_name": "/aws/lambda/editorial-photography-transfer-staging", + "name": "lambda-logs-to-kinesis", + "role_arn": "" + }, + "sensitive_attributes": [ + [ + { + "type": "get_attr", + "value": "destination_arn" + } + ] + ], + "private": "bnVsbA==", + "dependencies": [ + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.aws_cloudwatch_log_group.lambda", + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_ssm_parameter.log_destination" + ] + } + ] + }, + { + "module": "module.staging_lambda.module.transfer_lambda.module.transfer_lambda", + "mode": "managed", + "type": "aws_iam_policy", + "name": "lambda_logging", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:iam::404315009621:policy/lambda-logging-editorial-photography-transfer-staging", + "attachment_count": 1, + "description": "Allow the editorial-photography-transfer-staging Lambda to send logs to CloudWatch", + "id": "arn:aws:iam::404315009621:policy/lambda-logging-editorial-photography-transfer-staging", + "name": "lambda-logging-editorial-photography-transfer-staging", + "name_prefix": "", + "path": "/", + "policy": "{\"Statement\":[{\"Action\":\"logs:CreateLogGroup\",\"Effect\":\"Allow\",\"Resource\":\"arn:aws:logs:region:404315009621:*\"},{\"Action\":[\"logs:PutLogEvents\",\"logs:CreateLogStream\"],\"Effect\":\"Allow\",\"Resource\":\"arn:aws:logs:eu-west-1:404315009621:log-group:/aws/lambda/editorial-photography-transfer-staging:*\"}],\"Version\":\"2012-10-17\"}", + "policy_id": "ANPAV4IYNOJKZU7ELG7UJ", + "tags": {}, + "tags_all": {} + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.aws_cloudwatch_log_group.lambda", + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_caller_identity.account", + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_iam_policy_document.lambda_logging" + ] + } + ] + }, + { + "module": "module.staging_lambda.module.transfer_lambda.module.transfer_lambda", + "mode": "managed", + "type": "aws_iam_role", + "name": "lambda", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:iam::404315009621:role/lambda-role-editorial-photography-transfer-staging", + "assume_role_policy": "{\"Statement\":[{\"Action\":\"sts:AssumeRole\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"lambda.amazonaws.com\"}}],\"Version\":\"2012-10-17\"}", + "create_date": "2024-07-15T14:14:40Z", + "description": "", + "force_detach_policies": false, + "id": "lambda-role-editorial-photography-transfer-staging", + "inline_policy": [ + { + "name": "editorial-photography-staging-pull-from-queue", + "policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Action\":[\"sqs:ReceiveMessage\",\"sqs:GetQueueAttributes\",\"sqs:DeleteMessage\"],\"Effect\":\"Allow\",\"Resource\":\"arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-staging\"}]}" + }, + { + "name": "terraform-20240715141440702200000002", + "policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Action\":[\"s3:GetObject\",\"s3:ListBucket\"],\"Effect\":\"Allow\",\"Resource\":\"arn:aws:s3:::wellcomecollection-editorial-photography\"}]}" + }, + { + "name": "write_to_archivematica_transfer_source-staging", + "policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Action\":\"s3:PutObject\",\"Effect\":\"Allow\",\"Resource\":\"arn:aws:s3:::wellcomecollection-archivematica-staging-transfer-source/*\"}]}" + } + ], + "managed_policy_arns": [ + "arn:aws:iam::404315009621:policy/lambda-logging-editorial-photography-transfer-staging" + ], + "max_session_duration": 3600, + "name": "lambda-role-editorial-photography-transfer-staging", + "name_prefix": "", + "path": "/", + "permissions_boundary": "", + "tags": {}, + "tags_all": {}, + "unique_id": "AROAV4IYNOJKXAWUXPBTM" + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_iam_policy_document.lambda_assume_role" + ] + } + ] + }, + { + "module": "module.staging_lambda.module.transfer_lambda.module.transfer_lambda", + "mode": "managed", + "type": "aws_iam_role_policy_attachment", + "name": "lambda_logging", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "lambda-role-editorial-photography-transfer-staging-20240715141441227900000004", + "policy_arn": "arn:aws:iam::404315009621:policy/lambda-logging-editorial-photography-transfer-staging", + "role": "lambda-role-editorial-photography-transfer-staging" + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.aws_cloudwatch_log_group.lambda", + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.aws_iam_policy.lambda_logging", + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.aws_iam_role.lambda", + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_caller_identity.account", + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_iam_policy_document.lambda_assume_role", + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_iam_policy_document.lambda_logging" + ] + } + ] + }, + { + "module": "module.staging_lambda.module.transfer_lambda.module.transfer_lambda", + "mode": "managed", + "type": "aws_lambda_function", + "name": "main", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "architectures": [ + "x86_64" + ], + "arn": "arn:aws:lambda:eu-west-1:404315009621:function:editorial-photography-transfer-staging", + "code_sha256": "6+Zdzy6IxAzcFVue7NkJR09+ZcqmMSfKPH7F4WsrtMU=", + "code_signing_config_arn": "", + "dead_letter_config": [], + "description": "", + "environment": [ + { + "variables": { + "ACCESSION_NUMBER": "2754", + "TARGET_BUCKET": "wellcomecollection-archivematica-staging-transfer-source" + } + } + ], + "ephemeral_storage": [ + { + "size": 512 + } + ], + "file_system_config": [], + "filename": "./lambda.zip", + "function_name": "editorial-photography-transfer-staging", + "handler": "lambda_function.lambda_handler", + "id": "editorial-photography-transfer-staging", + "image_config": [], + "image_uri": "", + "invoke_arn": "arn:aws:apigateway:eu-west-1:lambda:path/2015-03-31/functions/arn:aws:lambda:eu-west-1:404315009621:function:editorial-photography-transfer-staging/invocations", + "kms_key_arn": "", + "last_modified": "2024-07-16T12:25:59.000+0000", + "layers": [], + "logging_config": [ + { + "application_log_level": "", + "log_format": "Text", + "log_group": "/aws/lambda/editorial-photography-transfer-staging", + "system_log_level": "" + } + ], + "memory_size": 512, + "package_type": "Zip", + "publish": false, + "qualified_arn": "arn:aws:lambda:eu-west-1:404315009621:function:editorial-photography-transfer-staging:$LATEST", + "qualified_invoke_arn": "arn:aws:apigateway:eu-west-1:lambda:path/2015-03-31/functions/arn:aws:lambda:eu-west-1:404315009621:function:editorial-photography-transfer-staging:$LATEST/invocations", + "replace_security_groups_on_destroy": null, + "replacement_security_group_ids": null, + "reserved_concurrent_executions": -1, + "role": "arn:aws:iam::404315009621:role/lambda-role-editorial-photography-transfer-staging", + "runtime": "python3.12", + "s3_bucket": null, + "s3_key": null, + "s3_object_version": null, + "signing_job_arn": "", + "signing_profile_version_arn": "", + "skip_destroy": false, + "snap_start": [], + "source_code_hash": "6+Zdzy6IxAzcFVue7NkJR09+ZcqmMSfKPH7F4WsrtMU=", + "source_code_size": 29824, + "tags": {}, + "tags_all": {}, + "timeout": 120, + "timeouts": null, + "tracing_config": [ + { + "mode": "PassThrough" + } + ], + "version": "$LATEST", + "vpc_config": [] + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19", + "dependencies": [ + "data.archive_file.lambda_zip", + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.aws_iam_role.lambda", + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_iam_policy_document.lambda_assume_role" + ] + } + ] + }, + { + "module": "module.staging_lambda.module.trigger", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "allow_sqs_pull", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "384510246", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"sqs:ReceiveMessage\",\n \"sqs:GetQueueAttributes\",\n \"sqs:DeleteMessage\"\n ],\n \"Resource\": \"arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-staging\"\n }\n ]\n}", + "minified_json": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Action\":[\"sqs:ReceiveMessage\",\"sqs:GetQueueAttributes\",\"sqs:DeleteMessage\"],\"Resource\":\"arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-staging\"}]}", + "override_json": null, + "override_policy_documents": null, + "policy_id": null, + "source_json": null, + "source_policy_documents": null, + "statement": [ + { + "actions": [ + "sqs:DeleteMessage", + "sqs:GetQueueAttributes", + "sqs:ReceiveMessage" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [], + "resources": [ + "arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-staging" + ], + "sid": "" + } + ], + "version": "2012-10-17" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.staging_lambda.module.trigger", + "mode": "managed", + "type": "aws_iam_role_policy", + "name": "allow_sqs_pull", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "lambda-role-editorial-photography-transfer-staging:editorial-photography-staging-pull-from-queue", + "name": "editorial-photography-staging-pull-from-queue", + "name_prefix": "", + "policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Action\":[\"sqs:ReceiveMessage\",\"sqs:GetQueueAttributes\",\"sqs:DeleteMessage\"],\"Effect\":\"Allow\",\"Resource\":\"arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-staging\"}]}", + "role": "lambda-role-editorial-photography-transfer-staging" + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.staging_lambda.module.input_queue.module.input_queue.aws_sqs_queue.dlq", + "module.staging_lambda.module.input_queue.module.input_queue.aws_sqs_queue.q", + "module.staging_lambda.module.input_queue.module.input_queue.data.aws_caller_identity.current", + "module.staging_lambda.module.input_queue.module.input_queue.data.aws_iam_policy_document.write_to_queue", + "module.staging_lambda.module.input_queue.module.input_queue.data.aws_region.current", + "module.staging_lambda.module.input_queue.module.transfer_shoots_topic.aws_sns_topic.topic", + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.aws_iam_role.lambda", + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_iam_policy_document.lambda_assume_role", + "module.staging_lambda.module.trigger.data.aws_iam_policy_document.allow_sqs_pull" + ] + } + ] + }, + { + "module": "module.staging_lambda.module.trigger", + "mode": "managed", + "type": "aws_lambda_event_source_mapping", + "name": "lambda_trigger", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "amazon_managed_kafka_event_source_config": [], + "batch_size": 1, + "bisect_batch_on_function_error": false, + "destination_config": [], + "document_db_event_source_config": [], + "enabled": true, + "event_source_arn": "arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-staging", + "filter_criteria": [], + "function_arn": "arn:aws:lambda:eu-west-1:404315009621:function:editorial-photography-transfer-staging", + "function_name": "arn:aws:lambda:eu-west-1:404315009621:function:editorial-photography-transfer-staging", + "function_response_types": [], + "id": "b4640bd2-1aef-4a05-a51d-6f8cb071596a", + "last_modified": "2024-07-15T14:26:13Z", + "last_processing_result": "", + "maximum_batching_window_in_seconds": 0, + "maximum_record_age_in_seconds": 0, + "maximum_retry_attempts": 0, + "parallelization_factor": 0, + "queues": [], + "scaling_config": [], + "self_managed_event_source": [], + "self_managed_kafka_event_source_config": [], + "source_access_configuration": [], + "starting_position": "", + "starting_position_timestamp": "", + "state": "Enabled", + "state_transition_reason": "USER_INITIATED", + "topics": [], + "tumbling_window_in_seconds": 0, + "uuid": "b4640bd2-1aef-4a05-a51d-6f8cb071596a" + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "data.archive_file.lambda_zip", + "module.staging_lambda.module.input_queue.module.input_queue.aws_sqs_queue.dlq", + "module.staging_lambda.module.input_queue.module.input_queue.aws_sqs_queue.q", + "module.staging_lambda.module.input_queue.module.input_queue.data.aws_caller_identity.current", + "module.staging_lambda.module.input_queue.module.input_queue.data.aws_iam_policy_document.write_to_queue", + "module.staging_lambda.module.input_queue.module.input_queue.data.aws_region.current", + "module.staging_lambda.module.input_queue.module.transfer_shoots_topic.aws_sns_topic.topic", + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.aws_iam_role.lambda", + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.aws_lambda_function.main", + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_iam_policy_document.lambda_assume_role" + ] + } + ] + }, + { + "module": "module.staging_lambda.module.trigger", + "mode": "managed", + "type": "aws_lambda_permission", + "name": "allow_lambda_sqs_trigger", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "action": "lambda:InvokeFunction", + "event_source_token": null, + "function_name": "editorial-photography-transfer-staging", + "function_url_auth_type": null, + "id": "terraform-20240715141530726900000005", + "principal": "sqs.amazonaws.com", + "principal_org_id": null, + "qualifier": "", + "source_account": null, + "source_arn": "arn:aws:sqs:eu-west-1:404315009621:transfer-shoots-staging", + "statement_id": "terraform-20240715141530726900000005", + "statement_id_prefix": "terraform-" + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "data.archive_file.lambda_zip", + "module.staging_lambda.module.input_queue.module.input_queue.aws_sqs_queue.dlq", + "module.staging_lambda.module.input_queue.module.input_queue.aws_sqs_queue.q", + "module.staging_lambda.module.input_queue.module.input_queue.data.aws_caller_identity.current", + "module.staging_lambda.module.input_queue.module.input_queue.data.aws_iam_policy_document.write_to_queue", + "module.staging_lambda.module.input_queue.module.input_queue.data.aws_region.current", + "module.staging_lambda.module.input_queue.module.transfer_shoots_topic.aws_sns_topic.topic", + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.aws_iam_role.lambda", + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.aws_lambda_function.main", + "module.staging_lambda.module.transfer_lambda.module.transfer_lambda.data.aws_iam_policy_document.lambda_assume_role" + ] + } + ] + } + ], + "check_results": [ + { + "object_kind": "var", + "config_addr": "module.production_lambda.module.transfer_lambda.var.environment", + "status": "pass", + "objects": [ + { + "object_addr": "module.production_lambda.module.transfer_lambda.var.environment", + "status": "pass" + } + ] + }, + { + "object_kind": "var", + "config_addr": "module.staging_lambda.var.environment", + "status": "pass", + "objects": [ + { + "object_addr": "module.staging_lambda.var.environment", + "status": "pass" + } + ] + }, + { + "object_kind": "var", + "config_addr": "module.staging_lambda.module.input_queue.var.environment", + "status": "pass", + "objects": [ + { + "object_addr": "module.staging_lambda.module.input_queue.var.environment", + "status": "pass" + } + ] + }, + { + "object_kind": "var", + "config_addr": "module.staging_lambda.module.transfer_lambda.var.environment", + "status": "pass", + "objects": [ + { + "object_addr": "module.staging_lambda.module.transfer_lambda.var.environment", + "status": "pass" + } + ] + }, + { + "object_kind": "var", + "config_addr": "module.production_lambda.var.environment", + "status": "pass", + "objects": [ + { + "object_addr": "module.production_lambda.var.environment", + "status": "pass" + } + ] + }, + { + "object_kind": "var", + "config_addr": "module.production_lambda.module.input_queue.var.environment", + "status": "pass", + "objects": [ + { + "object_addr": "module.production_lambda.module.input_queue.var.environment", + "status": "pass" + } + ] + } + ] +} diff --git a/terraform/variables.tf b/terraform/variables.tf new file mode 100644 index 0000000..e69de29