nhs-notify-supplier-api/infrastructure/terraform/components/api/locals.tf at 5650d70aff2b5dc96a5b3b9a7940e82af8d2eead · NHSDigital/nhs-notify-supplier-api · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
locals {
  aws_lambda_functions_dir_path = "../../../../lambdas"
  root_domain_name              = "${var.environment}.${local.acct.route53_zone_names["supplier-api"]}" # e.g. [main|dev|abxy0].supplier-api.[dev|nonprod|prod].nhsnotify.national.nhs.uk
  root_domain_id                = local.acct.route53_zone_ids["supplier-api"]
  root_domain_nameservers       = local.acct.route53_zone_nameservers["supplier-api"]

  openapi_spec = templatefile("${path.module}/resources/spec.tmpl.json", {
    APIG_EXECUTION_ROLE_ARN    = aws_iam_role.api_gateway_execution_role.arn
    AWS_REGION                 = var.region
    SECURITY_POLICY            = local.rest_api_security_policy
    ENDPOINT_ACCESS_MODE       = local.rest_api_endpoint_access_mode
    AUTHORIZER_LAMBDA_ARN      = module.authorizer_lambda.function_arn
    GET_LETTER_LAMBDA_ARN      = module.get_letter.function_arn
    GET_LETTERS_LAMBDA_ARN     = module.get_letters.function_arn
    GET_LETTER_DATA_LAMBDA_ARN = module.get_letter_data.function_arn
    GET_STATUS_LAMBDA_ARN      = module.get_status.function_arn
    PATCH_LETTER_LAMBDA_ARN    = module.patch_letter.function_arn
    POST_LETTERS_LAMBDA_ARN    = module.post_letters.function_arn
    POST_MI_LAMBDA_ARN         = module.post_mi.function_arn
    GET_MI_LAMBDA_ARN          = module.get_mi.function_arn
  })

  destination_arn = "arn:aws:logs:${var.region}:${var.shared_infra_account_id}:destination:nhs-main-obs-firehose-logs"

  common_lambda_env_vars = {
    APIM_CORRELATION_HEADER         = "nhsd-correlation-id",
    DOWNLOAD_URL_TTL_SECONDS        = 60
    EVENT_SOURCE                    = "/data-plane/supplier-api/${var.group}/${var.environment}/letters"
    LETTER_TTL_HOURS                = 12960, # 18 months * 30 days * 24 hours
    LETTER_QUEUE_TABLE_NAME         = aws_dynamodb_table.letter_queue.name,
    LETTER_QUEUE_TTL_HOURS          = 168  # 7 days * 24 hours
    LETTER_QUEUE_VISIBILITY_TIMEOUT = 300, # 5 minutes * 60 seconds
    LETTERS_TABLE_NAME              = aws_dynamodb_table.letters.name,
    MI_TABLE_NAME                   = aws_dynamodb_table.mi.name,
    MI_TTL_HOURS                    = 2160 # 90 days * 24 hours
    SNS_TOPIC_ARN                   = "${module.eventsub.sns_topic.arn}",
    SUPPLIER_CONFIG_TABLE_NAME      = aws_dynamodb_table.supplier-configuration.name
    SUPPLIER_ID_HEADER              = "nhsd-supplier-id",
  }

  core_pdf_bucket_arn        = "arn:aws:s3:::comms-${var.core_account_id}-eu-west-2-${var.core_environment}-api-stg-pdf-pipeline"
  core_s3_kms_key_alias_name = "alias/comms-${var.core_environment}-api-s3"

  event_cache_bucket_name          = lookup(module.eventpub.s3_bucket_event_cache, "bucket", null)
  eventsub_event_cache_bucket_name = lookup(module.eventsub.s3_bucket_event_cache, "bucket", null)

  csoc_api_gw_log_destination_arn = format("arn:aws:logs:%s:%s:destination:api_gateway_log_destination",
    var.region,
    var.csoc_destination_account
  )
}