-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathproduction.tfvars
More file actions
164 lines (161 loc) · 5.66 KB
/
production.tfvars
File metadata and controls
164 lines (161 loc) · 5.66 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
allowed_account_ids = ["443944947292"]
deploy_account_id = "711966560482"
account_name = "production"
default_tags = {
Environment = "production"
}
environment_name = "production"
environment_type = "production"
environmental_settings = {
auth0_domain = "govuk-forms.uk.auth0.com"
disable_auth0 = false
enable_auth0_splunk_log_stream = true
pause_databases_on_inactivity = false
pause_databases_after_inactivity_seconds = 60 * 60 * 24
# Set to 24 hours for inactivity just in case the pause_database_on_inactivity flag is inverted or ignored
database_backup_retention_period_days = 30
enable_alert_actions = true
allow_authentication_from_email_domains = [
".gov.uk",
".mod.uk",
"@cefas.co.uk",
"@certoffice.org",
"@ddc-mod.org",
"@hs2.org.uk",
"@innovateuk.ukri.org",
"@mod.uk",
"@nationalhighways.co.uk",
"@naturalengland.org.uk",
"@slc.co.uk",
"@ukces.org.uk",
"@ukri.org",
"@dounreay.com",
"@marinemanagement.org.uk",
"@gov.scot",
"@dhsc.egresscloud.com"
]
forms_product_page_support_url = "https://www.forms.service.gov.uk/support"
rds_maintenance_window = "wed:04:00-wed:04:30"
ips_to_block = []
rate_limit_bypass_cidrs = []
enable_shield_advanced_healthchecks = true
allow_pagerduty_alerts = true
}
root_domain = "forms.service.gov.uk"
additional_dns_records = [
# Records in support of MyNCSC Web Check
{
# Validation record for apex domain
name = "_asvdns-3135bcc2-f3a6-4575-99e3-107b802607ab"
type = "TXT"
ttl = 86400
records = ["asvdns_ba7549ac-6142-4838-a85d-aad0cd4e3238"]
},
{
# Validation record for submit.
name = "_asvdns-677c95c4-4883-49c1-aaaf-d5d357de6214.submit"
type = "TXT"
ttl = 86400
records = ["asvdns_1562e193-1dda-4dff-b80f-30a51d40f9fa"]
},
{
# Validation record for admin.
name = "_asvdns-7ccd9131-fdea-4bcf-9ee3-980f751ccff6.admin"
type = "TXT"
ttl = 86400
records = ["asvdns_c563af35-dcf1-40c6-b2c0-bc2719a2c2fc"]
},
{
# Validation record for www.
name = "_asvdns-b4f022ae-7033-40d5-bd61-1465c9ea5a30.www"
type = "TXT"
ttl = 86400
records = ["asvdns_61809fb0-4bf0-4e8e-82e2-e6febfba9faa"]
},
{
# Validation record for api.
name = "_asvdns-453532a6-2653-4d64-a5b2-8bd02812ccea.api"
type = "TXT"
ttl = 86400
records = ["asvdns_1d96d003-5726-4840-b265-4b5f6e08094a"]
},
# DMARC records from MyNCSC
{
# DMARC reporting record for apex domain
name = "_dmarc"
type = "TXT"
ttl = 86400
records = ["v=DMARC1; p=quarantine; pct=100; rua=mailto:dmarc-rua@dmarc.service.gov.uk;"]
},
{
# DMARC reporting record for submit.
name = "_dmarc.submit"
type = "TXT"
ttl = 86400
records = ["v=DMARC1; p=quarantine; pct=100; rua=mailto:dmarc-rua@dmarc.service.gov.uk;"]
},
# TLS-RPT records from MyNCSc
{
name = "_stmp._tls"
type = "TXT"
ttl = 86400
records = ["v=TLSRPTv1;rua=mailto:tls-rua@mailcheck.service.ncsc.gov.uk"]
}
]
codestar_connection_arn = "arn:aws:codestar-connections:eu-west-2:443944947292:connection/c253c931-651d-4d48-950a-c1ac2dfd7ca8"
container_registry = "711966560482.dkr.ecr.eu-west-2.amazonaws.com"
dlq_arn = "arn:aws:sqs:eu-west-2:711966560482:eventbridge-dead-letter-queue"
send_logs_to_cyber = true
forms_admin_settings = {
cpu = 256
memory = 512
min_capacity = 6
max_capacity = 12
enable_maintenance_mode = false
auth_provider = "auth0"
previous_auth_provider = "gds_sso"
cloudwatch_metrics_enabled = true
analytics_enabled = true
act_as_user_enabled = false
govuk_app_domain = "publishing.service.gov.uk"
synchronize_to_mailchimp = true
repeatable_page_enabled = true
file_upload = true
}
forms_api_settings = {
cpu = 512
memory = 1024
min_capacity = 6
max_capacity = 36
}
forms_product_page_settings = {
cpu = 256
memory = 512
min_capacity = 3
max_capacity = 9
}
forms_runner_settings = {
cpu = 1024
memory = 2048
min_capacity = 6
max_capacity = 36
enable_maintenance_mode = false
cloudwatch_metrics_enabled = true
analytics_enabled = true
api_v2_enabled = true
allow_human_readonly_roles_to_assume_submissions_to_s3_role = false
allow_human_readonly_roles_to_assume_submissions_to_runner_role = false
ses_submission_email_from_email_address = "no-reply@forms.service.gov.uk"
ses_submission_email_reply_to_email_address = "no-reply@forms.service.gov.uk"
}
scheduled_smoke_tests_settings = {
enable_scheduled_smoke_tests = true
form_url = "https://submit.forms.service.gov.uk/form/2570/scheduled-smoke-test"
frequency_minutes = 10
enable_alerting = true
}
end_to_end_test_settings = {
aws_s3_role_arn = "arn:aws:iam::443944947292:role/govuk-s3-end-to-end-test-production"
aws_s3_bucket = "govuk-forms-submissions-to-s3-test"
s3_form_id = "5086"
}