Open
Conversation
Suggested Improvements1. Branch Reference Update
2. Pipeline Code Repetition
3. Pipeline Test Parameter Consistency
4. Redundant Whitespaces
5. Security: Parameterize Sensitive Data
6. Carbon Usage and Cost Optimization
7. Naming Consistency
8. Set Clear Default Variables for Production
Cost and Carbon Usage Impact
|
Plan Result (765: sbox_backendappgateway - TerraformPlanApply)
Change Result (Click me) # module.backendappgateway.azurerm_application_gateway.ag[0] will be updated in-place
~ resource "azurerm_application_gateway" "ag" {
id = "/subscriptions/b72ab7b7-723f-4b18-b6f6-03b0f2c6a1bb/resourceGroups/cft-sbox-network-rg/providers/Microsoft.Network/applicationGateways/cft-aks00-sandbox-agw"
name = "cft-aks00-sandbox-agw"
tags = {
"application" = "core"
"autoShutdown" = "true"
"builtFrom" = "hmcts/azure-platform-terraform"
"businessArea" = "CFT"
"criticality" = "Low"
"environment" = "sandbox"
"expiresAfter" = "3000-01-01"
"startupMode" = "always"
}
# (8 unchanged attributes hidden)
- probe {
- host = "bulk-scan-orchestrator-sandbox.service.core-compute-sandbox.internal" -> null
- id = "/subscriptions/b72ab7b7-723f-4b18-b6f6-03b0f2c6a1bb/resourceGroups/cft-sbox-network-rg/providers/Microsoft.Network/applicationGateways/cft-aks00-sandbox-agw/probes/bulk-scan-orchestrator" -> null
- interval = 20 -> null
- minimum_servers = 0 -> null
- name = "bulk-scan-orchestrator" -> null
- path = "/health/liveness" -> null
- pick_host_name_from_backend_http_settings = false -> null
- port = 0 -> null
- protocol = "Http" -> null
- timeout = 15 -> null
- unhealthy_threshold = 3 -> null
- match {
- status_code = [
- "200-399",
] -> null
# (1 unchanged attribute hidden)
}
}
- probe {
- host = "bulk-scan-payment-processor-sandbox.service.core-compute-sandbox.internal" -> null
- id = "/subscriptions/b72ab7b7-723f-4b18-b6f6-03b0f2c6a1bb/resourceGroups/cft-sbox-network-rg/providers/Microsoft.Network/applicationGateways/cft-aks00-sandbox-agw/probes/bulk-scan-payment-processor" -> null
- interval = 20 -> null
- minimum_servers = 0 -> null
- name = "bulk-scan-payment-processor" -> null
- path = "/health/liveness" -> null
- pick_host_name_from_backend_http_settings = false -> null
- port = 0 -> null
- protocol = "Http" -> null
- timeout = 15 -> null
- unhealthy_threshold = 3 -> null
- match {
- status_code = [
- "200-399",
] -> null
# (1 unchanged attribute hidden)
}
}
- probe {
- host = "bulk-scan-processor-sandbox.service.core-compute-sandbox.internal" -> null
- id = "/subscriptions/b72ab7b7-723f-4b18-b6f6-03b0f2c6a1bb/resourceGroups/cft-sbox-network-rg/providers/Microsoft.Network/applicationGateways/cft-aks00-sandbox-agw/probes/bulk-scan-processor" -> null
- interval = 20 -> null
- minimum_servers = 0 -> null
- name = "bulk-scan-processor" -> null
- path = "/health/liveness" -> null
- pick_host_name_from_backend_http_settings = false -> null
- port = 0 -> null
- protocol = "Http" -> null
- timeout = 15 -> null
- unhealthy_threshold = 3 -> null
- match {
- status_code = [
- "200-399",
] -> null
# (1 unchanged attribute hidden)
}
}
- probe {
- host = "div-emca-sandbox.service.core-compute-sandbox.internal" -> null
- id = "/subscriptions/b72ab7b7-723f-4b18-b6f6-03b0f2c6a1bb/resourceGroups/cft-sbox-network-rg/providers/Microsoft.Network/applicationGateways/cft-aks00-sandbox-agw/probes/div-emca" -> null
- interval = 20 -> null
- minimum_servers = 0 -> null
- name = "div-emca" -> null
- path = "/health/liveness" -> null
- pick_host_name_from_backend_http_settings = false -> null
- port = 0 -> null
- protocol = "Http" -> null
- timeout = 15 -> null
- unhealthy_threshold = 3 -> null
- match {
- status_code = [
- "200-399",
] -> null
# (1 unchanged attribute hidden)
}
}
- probe {
- host = "docmosis.sandbox.platform.hmcts.net" -> null
- id = "/subscriptions/b72ab7b7-723f-4b18-b6f6-03b0f2c6a1bb/resourceGroups/cft-sbox-network-rg/providers/Microsoft.Network/applicationGateways/cft-aks00-sandbox-agw/probes/dg-docmosis" -> null
- interval = 20 -> null
- minimum_servers = 0 -> null
- name = "dg-docmosis" -> null
- path = "/health/liveness" -> null
- pick_host_name_from_backend_http_settings = false -> null
- port = 0 -> null
- protocol = "Http" -> null
- timeout = 15 -> null
- unhealthy_threshold = 3 -> null
- match {
- status_code = [
- "200-399",
] -> null
# (1 unchanged attribute hidden)
}
}
- probe {
- host = "draft-store-service-sandbox.service.core-compute-sandbox.internal" -> null
- id = "/subscriptions/b72ab7b7-723f-4b18-b6f6-03b0f2c6a1bb/resourceGroups/cft-sbox-network-rg/providers/Microsoft.Network/applicationGateways/cft-aks00-sandbox-agw/probes/draft-store-service" -> null
- interval = 20 -> null
- minimum_servers = 0 -> null
- name = "draft-store-service" -> null
- path = "/health/liveness" -> null
- pick_host_name_from_backend_http_settings = false -> null
- port = 0 -> null
- protocol = "Http" -> null
- timeout = 15 -> null
- unhealthy_threshold = 3 -> null
- match {
- status_code = [
- "200-399",
] -> null
# (1 unchanged attribute hidden)
}
}
- probe {
- host = "fpl-case-service-sandbox.service.core-compute-sandbox.internal" -> null
- id = "/subscriptions/b72ab7b7-723f-4b18-b6f6-03b0f2c6a1bb/resourceGroups/cft-sbox-network-rg/providers/Microsoft.Network/applicationGateways/cft-aks00-sandbox-agw/probes/fpl-case-service" -> null
- interval = 20 -> null
- minimum_servers = 0 -> null
- name = "fpl-case-service" -> null
- path = "/health/liveness" -> null
- pick_host_name_from_backend_http_settings = false -> null
- port = 0 -> null
- protocol = "Http" -> null
- timeout = 15 -> null
- unhealthy_threshold = 3 -> null
- match {
- status_code = [
- "200-399",
] -> null
# (1 unchanged attribute hidden)
}
}
- probe {
- host = "ia-bail-case-api-sandbox.service.core-compute-sandbox.internal" -> null
- id = "/subscriptions/b72ab7b7-723f-4b18-b6f6-03b0f2c6a1bb/resourceGroups/cft-sbox-network-rg/providers/Microsoft.Network/applicationGateways/cft-aks00-sandbox-agw/probes/ia-bail-case-api" -> null
- interval = 20 -> null
- minimum_servers = 0 -> null
- name = "ia-bail-case-api" -> null
- path = "/health/liveness" -> null
- pick_host_name_from_backend_http_settings = false -> null
- port = 0 -> null
- protocol = "Http" -> null
- timeout = 15 -> null
- unhealthy_threshold = 3 -> null
- match {
- status_code = [
- "200-399",
] -> null
# (1 unchanged attribute hidden)
}
}
- probe {
- host = "ia-case-api-sandbox.service.core-compute-sandbox.internal" -> null
- id = "/subscriptions/b72ab7b7-723f-4b18-b6f6-03b0f2c6a1bb/resourceGroups/cft-sbox-network-rg/providers/Microsoft.Network/applicationGateways/cft-aks00-sandbox-agw/probes/ia-case-api" -> null
- interval = 20 -> null
- minimum_servers = 0 -> null
- name = "ia-case-api" -> null
- path = "/health/liveness" -> null
- pick_host_name_from_backend_http_settings = false -> null
- port = 0 -> null
- protocol = "Http" -> null
- timeout = 15 -> null
- unhealthy_threshold = 3 -> null
- match {
- status_code = [
- "200-399",
] -> null
# (1 unchanged attribute hidden)
}
}
- probe {
- host = "ia-case-documents-api-sandbox.service.core-compute-sandbox.internal" -> null
- id = "/subscriptions/b72ab7b7-723f-4b18-b6f6-03b0f2c6a1bb/resourceGroups/cft-sbox-network-rg/providers/Microsoft.Network/applicationGateways/cft-aks00-sandbox-agw/probes/ia-case-documents-api" -> null
- interval = 20 -> null
- minimum_servers = 0 -> null
- name = "ia-case-documents-api" -> null
- path = "/health/liveness" -> null
- pick_host_name_from_backend_http_settings = false -> null
- port = 0 -> null
- protocol = "Http" -> null
- timeout = 15 -> null
- unhealthy_threshold = 3 -> null
- match {
- status_code = [
- "200-399",
] -> null
# (1 unchanged attribute hidden)
}
}
- probe {
- host = "ia-case-notifications-api-sandbox.service.core-compute-sandbox.internal" -> null
- id = "/subscriptions/b72ab7b7-723f-4b18-b6f6-03b0f2c6a1bb/resourceGroups/cft-sbox-network-rg/providers/Microsoft.Network/applicationGateways/cft-aks00-sandbox-agw/probes/ia-case-notifications-api" -> null
- interval = 20 -> null
- minimum_servers = 0 -> null
- name = "ia-case-notifications-api" -> null
- path = "/health/liveness" -> null
- pick_host_name_from_backend_http_settings = false -> null
- port = 0 -> null
- protocol = "Http" -> null
- timeout = 15 -> null
- unhealthy_threshold = 3 -> null
- match {
- status_code = [
- "200-399",
] -> null
# (1 unchanged attribute hidden)
}
}
- probe {
- host = "ia-hearings-api-sandbox.service.core-compute-sandbox.internal" -> null
- id = "/subscriptions/b72ab7b7-723f-4b18-b6f6-03b0f2c6a1bb/resourceGroups/cft-sbox-network-rg/providers/Microsoft.Network/applicationGateways/cft-aks00-sandbox-agw/probes/ia-hearings-api" -> null
- interval = 20 -> null
- minimum_servers = 0 -> null
- name = "ia-hearings-api" -> null
- path = "/health/liveness" -> null
- pick_host_name_from_backend_http_settings = false -> null
- port = 0 -> null
- protocol = "Http" -> null
- timeout = 15 -> null
- unhealthy_threshold = 3 -> null
- match {
- status_code = [
- "200-399",
] -> null
# (1 unchanged attribute hidden)
}
}
- probe {
- host = "idam-api-sprod.sandbox.platform.hmcts.net" -> null
- id = "/subscriptions/b72ab7b7-723f-4b18-b6f6-03b0f2c6a1bb/resourceGroups/cft-sbox-network-rg/providers/Microsoft.Network/applicationGateways/cft-aks00-sandbox-agw/probes/idam-api-sprod" -> null
- interval = 20 -> null
- minimum_servers = 0 -> null
- name = "idam-api-sprod" -> null
- path = "/health/liveness" -> null
- pick_host_name_from_backend_http_settings = false -> null
- port = 0 -> null
- protocol = "Http" -> null
- timeout = 15 -> null
- unhealthy_threshold = 3 -> null
- match {
- status_code = [
- "200-399",
] -> null
# (1 unchanged attribute hidden)
}
}
- probe {
- host = "idam-api.sandbox.platform.hmcts.net" -> null
- id = "/subscriptions/b72ab7b7-723f-4b18-b6f6-03b0f2c6a1bb/resourceGroups/cft-sbox-network-rg/providers/Microsoft.Network/applicationGateways/cft-aks00-sandbox-agw/probes/idam-api" -> null
- interval = 20 -> null
- minimum_servers = 0 -> null
- name = "idam-api" -> null
- path = "/health/liveness" -> null
- pick_host_name_from_backend_http_settings = false -> null
- port = 0 -> null
- protocol = "Http" -> null
- timeout = 15 -> null
- unhealthy_threshold = 3 -> null
- match {
- status_code = [
- "200-399",
] -> null
# (1 unchanged attribute hidden)
}
}
- probe {
- host = "idam-hmcts-access.sandbox.platform.hmcts.net" -> null
- id = "/subscriptions/b72ab7b7-723f-4b18-b6f6-03b0f2c6a1bb/resourceGroups/cft-sbox-network-rg/providers/Microsoft.Network/applicationGateways/cft-aks00-sandbox-agw/probes/idam-hmcts-access" -> null
- interval = 20 -> null
- minimum_servers = 0 -> null
- name = "idam-hmcts-access" -> null
- path = "/health/liveness" -> null
- pick_host_name_from_backend_http_settings = false -> null
- port = 0 -> null
- protocol = "Http" -> null
- timeout = 15 -> null
- unhealthy_threshold = 3 -> null
- match {
- status_code = [
- "200-399",
] -> null
# (1 unchanged attribute hidden)
}
}
- probe {
- host = "idam-testing-support-api.sandbox.platform.hmcts.net" -> null
- id = "/subscriptions/b72ab7b7-723f-4b18-b6f6-03b0f2c6a1bb/resourceGroups/cft-sbox-network-rg/providers/Microsoft.Network/applicationGateways/cft-aks00-sandbox-agw/probes/idam-testing-support-api" -> null
- interval = 20 -> null
- minimum_servers = 0 -> null
- name = "idam-testing-support-api" -> null
- path = "/health/liveness" -> null
- pick_host_name_from_backend_http_settings = false -> null
- port = 0 -> null
- protocol = "Http" -> null
- timeout = 15 -> null
- unhealthy_threshold
# ...
# ... The maximum length of GitHub Comment is 65536, so the content is omitted by tfcmt.
# ...
= "ia-case-documents-api-sandbox.service.core-compute-sandbox.internal"
+ id = (known after apply)
+ interval = 20
+ minimum_servers = 0
+ name = "ia-case-documents-api"
+ path = "/health/liveness"
+ pick_host_name_from_backend_http_settings = false
+ protocol = "Http"
+ timeout = 15
+ unhealthy_threshold = 3
}
+ probe {
+ host = "ia-case-notifications-api-sandbox.service.core-compute-sandbox.internal"
+ id = (known after apply)
+ interval = 20
+ minimum_servers = 0
+ name = "ia-case-notifications-api"
+ path = "/health/liveness"
+ pick_host_name_from_backend_http_settings = false
+ protocol = "Http"
+ timeout = 15
+ unhealthy_threshold = 3
}
+ probe {
+ host = "ia-hearings-api-sandbox.service.core-compute-sandbox.internal"
+ id = (known after apply)
+ interval = 20
+ minimum_servers = 0
+ name = "ia-hearings-api"
+ path = "/health/liveness"
+ pick_host_name_from_backend_http_settings = false
+ protocol = "Http"
+ timeout = 15
+ unhealthy_threshold = 3
}
+ probe {
+ host = "idam-api-sprod.sandbox.platform.hmcts.net"
+ id = (known after apply)
+ interval = 20
+ minimum_servers = 0
+ name = "idam-api-sprod"
+ path = "/health/liveness"
+ pick_host_name_from_backend_http_settings = false
+ protocol = "Http"
+ timeout = 15
+ unhealthy_threshold = 3
}
+ probe {
+ host = "idam-api.sandbox.platform.hmcts.net"
+ id = (known after apply)
+ interval = 20
+ minimum_servers = 0
+ name = "idam-api"
+ path = "/health/liveness"
+ pick_host_name_from_backend_http_settings = false
+ protocol = "Http"
+ timeout = 15
+ unhealthy_threshold = 3
}
+ probe {
+ host = "idam-hmcts-access.sandbox.platform.hmcts.net"
+ id = (known after apply)
+ interval = 20
+ minimum_servers = 0
+ name = "idam-hmcts-access"
+ path = "/health/liveness"
+ pick_host_name_from_backend_http_settings = false
+ protocol = "Http"
+ timeout = 15
+ unhealthy_threshold = 3
}
+ probe {
+ host = "idam-testing-support-api.sandbox.platform.hmcts.net"
+ id = (known after apply)
+ interval = 20
+ minimum_servers = 0
+ name = "idam-testing-support-api"
+ path = "/health/liveness"
+ pick_host_name_from_backend_http_settings = false
+ protocol = "Http"
+ timeout = 15
+ unhealthy_threshold = 3
}
+ probe {
+ host = "idam-user-dashboard.sandbox.platform.hmcts.net"
+ id = (known after apply)
+ interval = 20
+ minimum_servers = 0
+ name = "idam-user-dashboard"
+ path = "/health/liveness"
+ pick_host_name_from_backend_http_settings = false
+ protocol = "Http"
+ timeout = 15
+ unhealthy_threshold = 3
}
+ probe {
+ host = "idam-user-profile-bridge.sandbox.platform.hmcts.net"
+ id = (known after apply)
+ interval = 20
+ minimum_servers = 0
+ name = "idam-user-profile-bridge"
+ path = "/health/liveness"
+ pick_host_name_from_backend_http_settings = false
+ protocol = "Http"
+ timeout = 15
+ unhealthy_threshold = 3
}
+ probe {
+ host = "idam-web-admin-sprod.sandbox.platform.hmcts.net"
+ id = (known after apply)
+ interval = 20
+ minimum_servers = 0
+ name = "idam-web-admin-sprod"
+ path = "/health/liveness"
+ pick_host_name_from_backend_http_settings = false
+ protocol = "Http"
+ timeout = 15
+ unhealthy_threshold = 3
}
+ probe {
+ host = "idam-web-admin.sandbox.platform.hmcts.net"
+ id = (known after apply)
+ interval = 20
+ minimum_servers = 0
+ name = "idam-web-admin"
+ path = "/health/liveness"
+ pick_host_name_from_backend_http_settings = false
+ protocol = "Http"
+ timeout = 15
+ unhealthy_threshold = 3
}
+ probe {
+ host = "labs-apps-njs-sandbox.service.core-compute-sandbox.internal"
+ id = (known after apply)
+ interval = 20
+ minimum_servers = 0
+ name = "labs-apps-njs"
+ path = "/health/liveness"
+ pick_host_name_from_backend_http_settings = false
+ protocol = "Http"
+ timeout = 15
+ unhealthy_threshold = 3
}
+ probe {
+ host = "labs-dj-khaled-sandbox.service.core-compute-sandbox.internal"
+ id = (known after apply)
+ interval = 20
+ minimum_servers = 0
+ name = "labs-dj-khaled"
+ path = "/health/liveness"
+ pick_host_name_from_backend_http_settings = false
+ protocol = "Http"
+ timeout = 15
+ unhealthy_threshold = 3
}
+ probe {
+ host = "payment-api-sandbox.service.core-compute-sandbox.internal"
+ id = (known after apply)
+ interval = 20
+ minimum_servers = 0
+ name = "payment-api"
+ path = "/health/liveness"
+ pick_host_name_from_backend_http_settings = false
+ protocol = "Http"
+ timeout = 15
+ unhealthy_threshold = 3
}
+ probe {
+ host = "plum-frontend-sandbox.service.core-compute-sandbox.internal"
+ id = (known after apply)
+ interval = 20
+ minimum_servers = 0
+ name = "plum-frontend"
+ path = "/health/liveness"
+ pick_host_name_from_backend_http_settings = false
+ protocol = "Http"
+ timeout = 15
+ unhealthy_threshold = 3
}
+ probe {
+ host = "probate-business-service-sandbox.service.core-compute-sandbox.internal"
+ id = (known after apply)
+ interval = 20
+ minimum_servers = 0
+ name = "probate-business-service"
+ path = "/health/liveness"
+ pick_host_name_from_backend_http_settings = false
+ protocol = "Http"
+ timeout = 15
+ unhealthy_threshold = 3
}
+ probe {
+ host = "probate-orchestrator-service-sandbox.service.core-compute-sandbox.internal"
+ id = (known after apply)
+ interval = 20
+ minimum_servers = 0
+ name = "probate-orchestrator-service"
+ path = "/health/liveness"
+ pick_host_name_from_backend_http_settings = false
+ protocol = "Http"
+ timeout = 15
+ unhealthy_threshold = 3
}
+ probe {
+ host = "probate-submit-service-sandbox.service.core-compute-sandbox.internal"
+ id = (known after apply)
+ interval = 20
+ minimum_servers = 0
+ name = "probate-submit-service"
+ path = "/health/liveness"
+ pick_host_name_from_backend_http_settings = false
+ protocol = "Http"
+ timeout = 15
+ unhealthy_threshold = 3
}
+ probe {
+ host = "rd-professional-api-sandbox.service.core-compute-sandbox.internal"
+ id = (known after apply)
+ interval = 20
+ minimum_servers = 0
+ name = "rd-professional-api"
+ path = "/health/liveness"
+ pick_host_name_from_backend_http_settings = false
+ protocol = "Http"
+ timeout = 15
+ unhealthy_threshold = 3
}
+ probe {
+ host = "rd-profile-sync-sandbox.service.core-compute-sandbox.internal"
+ id = (known after apply)
+ interval = 20
+ minimum_servers = 0
+ name = "rd-profile-sync"
+ path = "/health/liveness"
+ pick_host_name_from_backend_http_settings = false
+ protocol = "Http"
+ timeout = 15
+ unhealthy_threshold = 3
}
+ probe {
+ host = "rd-user-profile-api-sandbox.service.core-compute-sandbox.internal"
+ id = (known after apply)
+ interval = 20
+ minimum_servers = 0
+ name = "rd-user-profile-api"
+ path = "/health/liveness"
+ pick_host_name_from_backend_http_settings = false
+ protocol = "Http"
+ timeout = 15
+ unhealthy_threshold = 3
}
+ probe {
+ host = "reform-scan-blob-router-sandbox.service.core-compute-sandbox.internal"
+ id = (known after apply)
+ interval = 20
+ minimum_servers = 0
+ name = "reform-scan-blob-router"
+ path = "/health/liveness"
+ pick_host_name_from_backend_http_settings = false
+ protocol = "Http"
+ timeout = 15
+ unhealthy_threshold = 3
}
+ probe {
+ host = "reform-scan-notification-service-sandbox.service.core-compute-sandbox.internal"
+ id = (known after apply)
+ interval = 20
+ minimum_servers = 0
+ name = "reform-scan-notification-service"
+ path = "/health/liveness"
+ pick_host_name_from_backend_http_settings = false
+ protocol = "Http"
+ timeout = 15
+ unhealthy_threshold = 3
}
+ probe {
+ host = "rpe-send-letter-service-sandbox.service.core-compute-sandbox.internal"
+ id = (known after apply)
+ interval = 20
+ minimum_servers = 0
+ name = "rpe-send-letter-service"
+ path = "/health/liveness"
+ pick_host_name_from_backend_http_settings = false
+ protocol = "Http"
+ timeout = 15
+ unhealthy_threshold = 3
}
+ probe {
+ host = "sscs-evidence-share-sandbox.service.core-compute-sandbox.internal"
+ id = (known after apply)
+ interval = 20
+ minimum_servers = 0
+ name = "sscs-evidence-share"
+ path = "/health/liveness"
+ pick_host_name_from_backend_http_settings = false
+ protocol = "Http"
+ timeout = 15
+ unhealthy_threshold = 3
}
+ probe {
+ host = "sscs-tribunals-api-sandbox.service.core-compute-sandbox.internal"
+ id = (known after apply)
+ interval = 20
+ minimum_servers = 0
+ name = "sscs-tribunals-api"
+ path = "/health/liveness"
+ pick_host_name_from_backend_http_settings = false
+ protocol = "Http"
+ timeout = 15
+ unhealthy_threshold = 3
}
~ ssl_policy {
+ min_protocol_version = "TLSv1_2"
# (4 unchanged attributes hidden)
}
# (187 unchanged blocks hidden)
}
# module.backendappgateway.azurerm_monitor_diagnostic_setting.diagnostics_access_logs_sa[0] will be updated in-place
~ resource "azurerm_monitor_diagnostic_setting" "diagnostics_access_logs_sa" {
id = "/subscriptions/b72ab7b7-723f-4b18-b6f6-03b0f2c6a1bb/resourceGroups/cft-sbox-network-rg/providers/Microsoft.Network/applicationGateways/cft-aks00-sandbox-agw|app-gw-storage-account"
name = "app-gw-storage-account"
# (6 unchanged attributes hidden)
- metric {
- category = "AllMetrics" -> null
- enabled = false -> null
- retention_policy {
- days = 0 -> null
- enabled = false -> null
}
}
# (5 unchanged blocks hidden)
}
Plan: 0 to add, 2 to change, 0 to destroy.
|
Plan Result (765: sbox_private_dns - TerraformPlanApply)
|
Plan Result (765: sbox_frontendappgateway - TerraformPlanApply)
Change Result (Click me) # azurerm_postgresql_flexible_server.tamopspsql will be created
+ resource "azurerm_postgresql_flexible_server" "tamopspsql" {
+ administrator_login = "thomas"
+ administrator_password = (sensitive value)
+ auto_grow_enabled = false
+ backup_retention_days = (known after apply)
+ fqdn = (known after apply)
+ geo_redundant_backup_enabled = false
+ id = (known after apply)
+ location = "uksouth"
+ name = "tamops-psqlflexibleserver"
+ private_dns_zone_id = (known after apply)
+ public_network_access_enabled = true
+ resource_group_name = "cft-sbox-network-rg"
+ sku_name = "GP_Standard_D48ds_v4"
+ storage_mb = 32768
+ storage_tier = (known after apply)
+ version = "16"
+ zone = "2"
+ authentication (known after apply)
+ high_availability {
+ mode = "ZoneRedundant"
+ standby_availability_zone = "3"
}
}
# azurerm_postgresql_flexible_server_database.tamopspsqldb will be created
+ resource "azurerm_postgresql_flexible_server_database" "tamopspsqldb" {
+ charset = "utf8"
+ collation = "en_US.utf8"
+ id = (known after apply)
+ name = "tamopsdb"
+ server_id = (known after apply)
}
# module.frontendappgateway.azurerm_application_gateway.ag[0] will be updated in-place
~ resource "azurerm_application_gateway" "ag" {
id = "/subscriptions/b72ab7b7-723f-4b18-b6f6-03b0f2c6a1bb/resourceGroups/cft-sbox-network-rg/providers/Microsoft.Network/applicationGateways/cft-aks-fe-00-sbox-agw"
name = "cft-aks-fe-00-sbox-agw"
tags = {
"application" = "core"
"autoShutdown" = "true"
"builtFrom" = "hmcts/azure-platform-terraform"
"businessArea" = "CFT"
"criticality" = "Low"
"environment" = "sandbox"
"expiresAfter" = "3000-01-01"
"startupMode" = "always"
}
# (8 unchanged attributes hidden)
~ autoscale_configuration {
~ max_capacity = 10 -> 75
~ min_capacity = 2 -> 50
}
- probe {
- host = "cft-api-mgmt.sandbox.platform.hmcts.net" -> null
- id = "/subscriptions/b72ab7b7-723f-4b18-b6f6-03b0f2c6a1bb/resourceGroups/cft-sbox-network-rg/providers/Microsoft.Network/applicationGateways/cft-aks-fe-00-sbox-agw/probes/cft-api-mgmt" -> null
- interval = 20 -> null
- minimum_servers = 0 -> null
- name = "cft-api-mgmt" -> null
- path = "/health/liveness" -> null
- pick_host_name_from_backend_http_settings = false -> null
- port = 0 -> null
- protocol = "Http" -> null
- timeout = 15 -> null
- unhealthy_threshold = 3 -> null
- match {
- status_code = [
- "200-399",
] -> null
# (1 unchanged attribute hidden)
}
}
- probe {
- host = "hmcts-access.sandbox.platform.hmcts.net" -> null
- id = "/subscriptions/b72ab7b7-723f-4b18-b6f6-03b0f2c6a1bb/resourceGroups/cft-sbox-network-rg/providers/Microsoft.Network/applicationGateways/cft-aks-fe-00-sbox-agw/probes/hmcts-access" -> null
- interval = 20 -> null
- minimum_servers = 0 -> null
- name = "hmcts-access" -> null
- path = "/health/liveness" -> null
- pick_host_name_from_backend_http_settings = false -> null
- port = 0 -> null
- protocol = "Http" -> null
- timeout = 15 -> null
- unhealthy_threshold = 3 -> null
- match {
- status_code = [
- "200-399",
] -> null
# (1 unchanged attribute hidden)
}
}
- probe {
- host = "hmi-apim.sandbox.platform.hmcts.net" -> null
- id = "/subscriptions/b72ab7b7-723f-4b18-b6f6-03b0f2c6a1bb/resourceGroups/cft-sbox-network-rg/providers/Microsoft.Network/applicationGateways/cft-aks-fe-00-sbox-agw/probes/hmi-apim" -> null
- interval = 20 -> null
- minimum_servers = 0 -> null
- name = "hmi-apim" -> null
- path = "/health/liveness" -> null
- pick_host_name_from_backend_http_settings = false -> null
- port = 0 -> null
- protocol = "Http" -> null
- timeout = 15 -> null
- unhealthy_threshold = 3 -> null
- match {
- status_code = [
- "200-399",
] -> null
# (1 unchanged attribute hidden)
}
}
- probe {
- host = "idam-user-dashboard.sandbox.platform.hmcts.net" -> null
- id = "/subscriptions/b72ab7b7-723f-4b18-b6f6-03b0f2c6a1bb/resourceGroups/cft-sbox-network-rg/providers/Microsoft.Network/applicationGateways/cft-aks-fe-00-sbox-agw/probes/idam-user-dashboard" -> null
- interval = 20 -> null
- minimum_servers = 0 -> null
- name = "idam-user-dashboard" -> null
- path = "/health/liveness" -> null
- pick_host_name_from_backend_http_settings = false -> null
- port = 0 -> null
- protocol = "Http" -> null
- timeout = 15 -> null
- unhealthy_threshold = 3 -> null
- match {
- status_code = [
- "200-399",
] -> null
# (1 unchanged attribute hidden)
}
}
- probe {
- host = "idam-web-public.sandbox.platform.hmcts.net" -> null
- id = "/subscriptions/b72ab7b7-723f-4b18-b6f6-03b0f2c6a1bb/resourceGroups/cft-sbox-network-rg/providers/Microsoft.Network/applicationGateways/cft-aks-fe-00-sbox-agw/probes/idam-web-public" -> null
- interval = 20 -> null
- minimum_servers = 0 -> null
- name = "idam-web-public" -> null
- path = "/health/liveness" -> null
- pick_host_name_from_backend_http_settings = false -> null
- port = 0 -> null
- protocol = "Http" -> null
- timeout = 15 -> null
- unhealthy_threshold = 3 -> null
- match {
- status_code = [
- "200-399",
] -> null
# (1 unchanged attribute hidden)
}
}
- probe {
- host = "labs-goldenpath-shabbir.sandbox.platform.hmcts.net" -> null
- id = "/subscriptions/b72ab7b7-723f-4b18-b6f6-03b0f2c6a1bb/resourceGroups/cft-sbox-network-rg/providers/Microsoft.Network/applicationGateways/cft-aks-fe-00-sbox-agw/probes/labs-goldenpath-shabbir" -> null
- interval = 20 -> null
- minimum_servers = 0 -> null
- name = "labs-goldenpath-shabbir" -> null
- path = "/health/liveness" -> null
- pick_host_name_from_backend_http_settings = false -> null
- port = 0 -> null
- protocol = "Http" -> null
- timeout = 15 -> null
- unhealthy_threshold = 3 -> null
- match {
- status_code = [
- "200-399",
] -> null
# (1 unchanged attribute hidden)
}
}
- probe {
- host = "labs-shabbir-nodejs.sandbox.platform.hmcts.net" -> null
- id = "/subscriptions/b72ab7b7-723f-4b18-b6f6-03b0f2c6a1bb/resourceGroups/cft-sbox-network-rg/providers/Microsoft.Network/applicationGateways/cft-aks-fe-00-sbox-agw/probes/labs-shabbir-nodejs" -> null
- interval = 20 -> null
- minimum_servers = 0 -> null
- name = "labs-shabbir-nodejs" -> null
- path = "/health/liveness" -> null
- pick_host_name_from_backend_http_settings = false -> null
- port = 0 -> null
- protocol = "Http" -> null
- timeout = 15 -> null
- unhealthy_threshold = 3 -> null
- match {
- status_code = [
- "200-399",
] -> null
# (1 unchanged attribute hidden)
}
}
- probe {
- host = "plum.sandbox.platform.hmcts.net" -> null
- id = "/subscriptions/b72ab7b7-723f-4b18-b6f6-03b0f2c6a1bb/resourceGroups/cft-sbox-network-rg/providers/Microsoft.Network/applicationGateways/cft-aks-fe-00-sbox-agw/probes/plum" -> null
- interval = 20 -> null
- minimum_servers = 0 -> null
- name = "plum" -> null
- path = "/health/liveness" -> null
- pick_host_name_from_backend_http_settings = false -> null
- port = 0 -> null
- protocol = "Http" -> null
- timeout = 15 -> null
- unhealthy_threshold = 3 -> null
- match {
- status_code = [
- "200-399",
] -> null
# (1 unchanged attribute hidden)
}
}
- probe {
- host = "plumclassic.sandbox.platform.hmcts.net" -> null
- id = "/subscriptions/b72ab7b7-723f-4b18-b6f6-03b0f2c6a1bb/resourceGroups/cft-sbox-network-rg/providers/Microsoft.Network/applicationGateways/cft-aks-fe-00-sbox-agw/probes/plumclassic" -> null
- interval = 20 -> null
- minimum_servers = 0 -> null
- name = "plumclassic" -> null
- path = "/health/liveness" -> null
- pick_host_name_from_backend_http_settings = false -> null
- port = 0 -> null
- protocol = "Http" -> null
- timeout = 15 -> null
- unhealthy_threshold = 3 -> null
- match {
- status_code = [
- "200-399",
] -> null
# (1 unchanged attribute hidden)
}
}
- probe {
- host = "reformscan.sandbox.platform.hmcts.net" -> null
- id = "/subscriptions/b72ab7b7-723f-4b18-b6f6-03b0f2c6a1bb/resourceGroups/cft-sbox-network-rg/providers/Microsoft.Network/applicationGateways/cft-aks-fe-00-sbox-agw/probes/reformscan" -> null
- interval = 20 -> null
- minimum_servers = 0 -> null
- name = "reformscan" -> null
- path = "/health/liveness" -> null
- pick_host_name_from_backend_http_settings = false -> null
- port = 0 -> null
- protocol = "Http" -> null
- timeout = 15 -> null
- unhealthy_threshold = 3 -> null
- match {
- status_code = [
- "200-399",
] -> null
# (1 unchanged attribute hidden)
}
}
+ probe {
+ host = "cft-api-mgmt.sandbox.platform.hmcts.net"
+ id = (known after apply)
+ interval = 20
+ minimum_servers = 0
+ name = "cft-api-mgmt"
+ path = "/health/liveness"
+ pick_host_name_from_backend_http_settings = false
+ protocol = "Http"
+ timeout = 15
+ unhealthy_threshold = 3
}
+ probe {
+ host = "hmcts-access.sandbox.platform.hmcts.net"
+ id = (known after apply)
+ interval = 20
+ minimum_servers = 0
+ name = "hmcts-access"
+ path = "/health/liveness"
+ pick_host_name_from_backend_http_settings = false
+ protocol = "Http"
+ timeout = 15
+ unhealthy_threshold = 3
}
+ probe {
+ host = "hmi-apim.sandbox.platform.hmcts.net"
+ id = (known after apply)
+ interval = 20
+ minimum_servers = 0
+ name = "hmi-apim"
+ path = "/health/liveness"
+ pick_host_name_from_backend_http_settings = false
+ protocol = "Http"
+ timeout = 15
+ unhealthy_threshold = 3
}
+ probe {
+ host = "idam-user-dashboard.sandbox.platform.hmcts.net"
+ id = (known after apply)
+ interval = 20
+ minimum_servers = 0
+ name = "idam-user-dashboard"
+ path = "/health/liveness"
+ pick_host_name_from_backend_http_settings = false
+ protocol = "Http"
+ timeout = 15
+ unhealthy_threshold = 3
}
+ probe {
+ host = "idam-web-public.sandbox.platform.hmcts.net"
+ id = (known after apply)
+ interval = 20
+ minimum_servers = 0
+ name = "idam-web-public"
+ path = "/health/liveness"
+ pick_host_name_from_backend_http_settings = false
+ protocol = "Http"
+ timeout = 15
+ unhealthy_threshold = 3
}
+ probe {
+ host = "labs-goldenpath-shabbir.sandbox.platform.hmcts.net"
+ id = (known after apply)
+ interval = 20
+ minimum_servers = 0
+ name = "labs-goldenpath-shabbir"
+ path = "/health/liveness"
+ pick_host_name_from_backend_http_settings = false
+ protocol = "Http"
+ timeout = 15
+ unhealthy_threshold = 3
}
+ probe {
+ host = "labs-shabbir-nodejs.sandbox.platform.hmcts.net"
+ id = (known after apply)
+ interval = 20
+ minimum_servers = 0
+ name = "labs-shabbir-nodejs"
+ path = "/health/liveness"
+ pick_host_name_from_backend_http_settings = false
+ protocol = "Http"
+ timeout = 15
+ unhealthy_threshold = 3
}
+ probe {
+ host = "plum.sandbox.platform.hmcts.net"
+ id = (known after apply)
+ interval = 20
+ minimum_servers = 0
+ name = "plum"
+ path = "/health/liveness"
+ pick_host_name_from_backend_http_settings = false
+ protocol = "Http"
+ timeout = 15
+ unhealthy_threshold = 3
}
+ probe {
+ host = "plumclassic.sandbox.platform.hmcts.net"
+ id = (known after apply)
+ interval = 20
+ minimum_servers = 0
+ name = "plumclassic"
+ path = "/health/liveness"
+ pick_host_name_from_backend_http_settings = false
+ protocol = "Http"
+ timeout = 15
+ unhealthy_threshold = 3
}
+ probe {
+ host = "reformscan.sandbox.platform.hmcts.net"
+ id = (known after apply)
+ interval = 20
+ minimum_servers = 0
+ name = "reformscan"
+ path = "/health/liveness"
+ pick_host_name_from_backend_http_settings = false
+ protocol = "Http"
+ timeout = 15
+ unhealthy_threshold = 3
}
~ ssl_policy {
+ min_protocol_version = "TLSv1_2"
# (4 unchanged attributes hidden)
}
# (46 unchanged blocks hidden)
}
# module.frontendappgateway.azurerm_monitor_diagnostic_setting.diagnostics_access_logs_sa[0] will be updated in-place
~ resource "azurerm_monitor_diagnostic_setting" "diagnostics_access_logs_sa" {
id = "/subscriptions/b72ab7b7-723f-4b18-b6f6-03b0f2c6a1bb/resourceGroups/cft-sbox-network-rg/providers/Microsoft.Network/applicationGateways/cft-aks-fe-00-sbox-agw|app-gw-storage-account"
name = "app-gw-storage-account"
# (6 unchanged attributes hidden)
- metric {
- category = "AllMetrics" -> null
- enabled = false -> null
- retention_policy {
- days = 0 -> null
- enabled = false -> null
}
}
# (5 unchanged blocks hidden)
}
Plan: 2 to add, 2 to change, 0 to destroy.
|
Plan Result (765: sbox_global - TerraformPlanApply)
Change Result (Click me) # module.premium_front_door.azurerm_monitor_diagnostic_setting.diagnostics_access_logs_sa[0] will be updated in-place
~ resource "azurerm_monitor_diagnostic_setting" "diagnostics_access_logs_sa" {
id = "/subscriptions/b72ab7b7-723f-4b18-b6f6-03b0f2c6a1bb/resourceGroups/lz-sbox-rg/providers/Microsoft.Cdn/profiles/hmcts-sbox|fd-log-analytics-logs-sa"
name = "fd-log-analytics-logs-sa"
# (6 unchanged attributes hidden)
- metric {
- category = "AllMetrics" -> null
- enabled = false -> null
- retention_policy {
- days = 0 -> null
- enabled = false -> null
}
}
# (4 unchanged blocks hidden)
}
Plan: 0 to add, 1 to change, 0 to destroy.
|
Plan Result (765: sbox_apim_appgw - TerraformPlanApply)
Change Result (Click me) # module.app-gw.data.azurerm_monitor_diagnostic_categories.diagnostic_categories will be read during apply
# (depends on a resource or a module with changes pending)
<= data "azurerm_monitor_diagnostic_categories" "diagnostic_categories" {
+ id = (known after apply)
+ log_category_groups = (known after apply)
+ log_category_types = (known after apply)
+ logs = (known after apply)
+ metrics = (known after apply)
+ resource_id = "/subscriptions/ea3a8c1e-af9d-4108-bc86-a7e2d267f49c/resourceGroups/hmcts-hub-sbox-int/providers/Microsoft.Network/applicationGateways/cft-apim00-sandbox-agw"
}
# module.app-gw.azurerm_application_gateway.ag[0] will be updated in-place
~ resource "azurerm_application_gateway" "ag" {
id = "/subscriptions/ea3a8c1e-af9d-4108-bc86-a7e2d267f49c/resourceGroups/hmcts-hub-sbox-int/providers/Microsoft.Network/applicationGateways/cft-apim00-sandbox-agw"
name = "cft-apim00-sandbox-agw"
tags = {
"application" = "core"
"builtFrom" = "hmcts/azure-platform-terraform"
"businessArea" = "CFT"
"criticality" = "Low"
"environment" = "sandbox"
"expiresAfter" = "3000-01-01"
}
# (8 unchanged attributes hidden)
- probe {
- host = "cft-api-mgmt-appgw.sandbox.platform.hmcts.net" -> null
- id = "/subscriptions/ea3a8c1e-af9d-4108-bc86-a7e2d267f49c/resourceGroups/hmcts-hub-sbox-int/providers/Microsoft.Network/applicationGateways/cft-apim00-sandbox-agw/probes/cft-api-mgmt-appgw-probe" -> null
- interval = 10 -> null
- minimum_servers = 0 -> null
- name = "cft-api-mgmt-appgw-probe" -> null
- path = "/status-0123456789abcdef" -> null
- pick_host_name_from_backend_http_settings = false -> null
- port = 0 -> null
- protocol = "Http" -> null
- timeout = 15 -> null
- unhealthy_threshold = 3 -> null
- match {
- status_code = [
- "200-399",
] -> null
# (1 unchanged attribute hidden)
}
}
+ probe {
+ host = "cft-api-mgmt-appgw.sandbox.platform.hmcts.net"
+ id = (known after apply)
+ interval = 10
+ minimum_servers = 0
+ name = "cft-api-mgmt-appgw-probe"
+ path = "/status-0123456789abcdef"
+ pick_host_name_from_backend_http_settings = false
+ protocol = "Http"
+ timeout = 15
+ unhealthy_threshold = 3
}
~ ssl_policy {
+ min_protocol_version = "TLSv1_2"
# (4 unchanged attributes hidden)
}
# (14 unchanged blocks hidden)
}
# module.app-gw.azurerm_monitor_diagnostic_setting.diagnostic_settings[0] will be updated in-place
~ resource "azurerm_monitor_diagnostic_setting" "diagnostic_settings" {
id = "/subscriptions/ea3a8c1e-af9d-4108-bc86-a7e2d267f49c/resourceGroups/hmcts-hub-sbox-int/providers/Microsoft.Network/applicationGateways/cft-apim00-sandbox-agw|AppGw"
name = "AppGw"
# (5 unchanged attributes hidden)
~ metric (known after apply)
- metric {
- category = "AllMetrics" -> null
- enabled = true -> null
- retention_policy {
- days = 0 -> null
- enabled = true -> null
}
}
# (3 unchanged blocks hidden)
}
Plan: 0 to add, 2 to change, 0 to destroy.
|
Plan Result (765: sbox_shutter_webapp - TerraformPlanApply)
Change Result (Click me) # module.static_webapp.azurerm_dns_txt_record.zone_validate["labs-goldenpath-shabbir"] will be updated in-place
~ resource "azurerm_dns_txt_record" "zone_validate" {
id = "/subscriptions/ed302caf-ec27-4c64-a05e-85731c3ce90e/resourceGroups/reformMgmtRG/providers/Microsoft.Network/dnsZones/sandbox.platform.hmcts.net/TXT/_dnsauth.labs-goldenpath-shabbir"
name = "_dnsauth.labs-goldenpath-shabbir"
tags = {}
# (4 unchanged attributes hidden)
- record {
# At least one attribute in this block is (or was) sensitive,
# so its contents will not be displayed.
}
+ record {
# At least one attribute in this block is (or was) sensitive,
# so its contents will not be displayed.
}
}
Plan: 0 to add, 1 to change, 0 to destroy.
|
Plan Result (765: sbox_apim - TerraformPlanApply) |
Suggested Improvements
Potential Cost Impact
SummaryPrioritize cleaning up repeated configurations with templates or variables, remove redundant lines, validate inconsistent |
Suggested Improvements:
General Observations:
Priority Actions:
Doing this will enhance readability, reduce costs, and align with best practices. |
Improvements
Security
Estimated Cost Implication
Example Summary of Changes:parameters:
pipeline_tests_default: false
environments:
sbox:
service_connection: 'dcd-cftapps-sbox'
storage_account_rg: 'core-infra-sbox-rg'
storage_account_name: 'cftappssbox'
prod:
service_connection: 'dcd-cftapps-prod'
storage_account_rg: 'core-infra-prod-rg'
storage_account_name: 'cftappsprod'
stages:
- stage: Precheck
...- deployment: 'prod_global'
environment: 'prod'
component: 'global'
service_connection: ${{ parameters.environments.prod.service_connection }}
storage_account_rg: ${{ parameters.environments.prod.storage_account_rg }}
storage_account_name: ${{ parameters.environments.prod.storage_account_name }}
pipeline_tests: ${{ parameters.pipeline_tests_default }}
dependsOn: 'sbox_global'By employing these improvements, the pipeline will be more efficient, maintainable, secure, and reusable. |
Improvements for
|
Improvements and Recommendations:Pipeline YAML File:
TFVars File:
Overall Considerations:
By addressing these improvements, the infrastructure code will be cleaner, cost-efficient, and more maintainable over time. |
Observations and Suggested ImprovementsGeneral Observations
azure_pipeline.yaml1. Repetition Across Deployment Blocks
2. Hardcoded Values
3. Unused Pipeline Parameters
4. Security Best Practice: Pin GitHub Repository Branch
5. Blank Lines and Dead Code
sbox.tfvars1. Unexplained Configuration Changes
2. Validation of Values
Cost Efficiency
Carbon Usage
Summary of Key Changes:
|
Improvements for
|
Recommendations for ImprovementGit diff:
|
Improvements for Code Quality, Security, Best Practices, Cost, and Carbon Usage1. Hardcoded Secrets in
|
Suggested ImprovementsGeneral Improvements
Security Issues
Cost Optimization
Best Practices
Carbon Usage
Summary of Changes
These changes will improve security, reduce costs (estimated savings: ~£2,000/month), enhance maintainability, and lower environmental impact. |
Issues and Suggestions for Improvement1. YAML: Reference Branch Naming
2. YAML:
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Change description
test finops calculator
🤖AEP PR SUMMARY🤖
Request to AEP failed to process