Revert "[TICKET-942] Update docs to remove Pinpoint references (#970)"

This reverts commit 4606a4a.

Author: doshitan

.github/workflows/template-only-ci-infra.yml

@@ -101,30 +101,6 @@ jobs:
           aws-access-key-id: ${{ secrets.TESTER_AWS_ACCESS_KEY_ID }}
           aws-secret-access-key: ${{ secrets.TESTER_AWS_SECRET_ACCESS_KEY }}
 
-      # - name: Import orphaned test resources
-      #   working-directory: project-dir
-      #   run: |
-      #     # Import existing CloudWatch Log Groups and WAF resources to prevent conflicts
-      #     bin/terraform-init infra/networks dev || true
-      #     cd infra/networks
-
-      #     # Import DNS query logging CloudWatch Log Group
-      #     terraform import 'module.domain.aws_cloudwatch_log_group.dns_query_logging[0]' \
-      #       /dns/hosted.zone.for.dev.network.com 2>/dev/null || echo "DNS log group not found or already in state"
-
-      #     # Import WAF CloudWatch Log Group
-      #     terraform import 'module.network.aws_cloudwatch_log_group.waf_logs' \
-      #       aws-waf-logs-dev 2>/dev/null || echo "WAF log group not found or already in state"
-
-      #     # Import WAF WebACL (requires getting ID and lock token)
-      #     WAF_ID=$(aws wafv2 list-web-acls --scope REGIONAL --region us-east-1 \
-      #       --query "WebACLs[?Name=='dev'].Id" --output text 2>/dev/null || echo "")
-      #     if [ -n "$WAF_ID" ]; then
-      #       terraform import 'module.network.aws_wafv2_web_acl.main' "$WAF_ID" 2>/dev/null || \
-      #         echo "WAF WebACL not found or already in state"
-      #     fi
-      #   continue-on-error: true
-
       - name: Run Terratest
         working-directory: project-dir
         run: make -f template-only.mak test

docs/infra/notifications.md

@@ -2,8 +2,9 @@
 
 The application may need to send email notifications to users. This document describes how to configure notifications. The notification setup process will:
 
-1. Configure Amazon SES (Simple Email Service) for sending emails
-2. Set up the necessary environment variables for the application service
+1. Create an AWS Pinpoint application for managing notifications
+2. Configure Amazon SES (Simple Email Service) for sending emails
+3. Set up the necessary environment variables for the application service
 
 ## Requirements
 
@@ -31,35 +32,28 @@ make infra-update-app-service APP_NAME=<APP_NAME> ENVIRONMENT=<ENVIRONMENT>
 
 ## 4. Send a test email
 
-To send a test notification using the AWS CLI, first get the from email address for the environment you want to test.
+To send a test notification using the AWS CLI, first get the application id for the Pinpoint application/project for the environment you want to test.
 
 ```bash
 bin/terraform-init "infra/<APP_NAME>/service" "<ENVIRONMENT>"
-FROM_EMAIL="$(terraform -chdir=infra/<APP_NAME>/service output -raw ses_from_email)"
+APPLICATION_ID="$(terraform -chdir=infra/<APP_NAME>/service output -raw pinpoint_app_id)"
 ```
 
 Then run the following command, replacing `<RECIPIENT_EMAIL>` with the email address you want to send to:
 
 ```bash
-aws sesv2 send-email \
-  --from-email-address "$FROM_EMAIL" \
-  --destination "ToAddresses=<RECIPIENT_EMAIL>" \
-  --content '{
-    "Simple": {
-      "Subject": {
-        "Data": "Test notification",
-        "Charset": "UTF-8"
-      },
-      "Body": {
-        "Text": {
-          "Data": "This is a message from the future",
-          "Charset": "UTF-8"
-        },
-        "Html": {
-          "Data": "This is a message from the future",
-          "Charset": "UTF-8"
-        }
+aws pinpoint send-messages --application-id "$APPLICATION_ID" --message-request '{
+  "Addresses": {
+    "<RECIPIENT_EMAIL>": { "ChannelType": "EMAIL" }
+  },
+  "MessageConfiguration": {
+    "EmailMessage": {
+      "SimpleEmail": {
+        "Subject": { "Data": "Test notification", "Charset": "UTF-8" },
+        "TextPart": { "Data": "This is a message from the future", "Charset": "UTF-8" },
+        "HtmlPart": { "Data": "This is a message from the future", "Charset": "UTF-8" }
       }
-    }
-  }'
+    } 
+  }
+}'
 ```

docs/infra/service-command-execution.md

@@ -73,4 +73,4 @@ To run other commands, modify the `--command` flag to execute the command, rathe
 If you get an error after running the above steps, these diagnosis steps may be helpful:
 1. Verify that `enableExecuteCommand` is `true` on your running task by using `aws ecs describe-tasks --cluster $APP_NAME-$ENVIRONMENT_NAME --task <TASK_ID>`. If not, run the `infra-update-app-service` command above and/or redeploy your service.
 2. Make sure that the SSM Agent is running by checking the `managedAgents` object in the `containers` array of the `aws ecs describe-tasks` command output. If it is `STOPPED`, you may have an issue with your container that is preventing the agent from running.
-3. Run the [amazon-ecs-exec-checker](https://github.com/aws-containers/amazon-ecs-exec-checker) script to further diagnose issues that may prevent ECS Exec from functioning.
+3. Run the [amazon-ecs-exec-checker](https://github.com/aws-containers/amazon-ecs-exec-checker) script to further pinpoint issues that may prevent ECS Exec from functioning.

docs/system-architecture.md

@@ -16,9 +16,10 @@ This diagram shows the system architecture. [🔒 Make a copy of this Lucid temp
 * **GitHub** — Source code repository. Also responsible for Continuous Integration (CI) and Continuous Delivery (CD) workflows. GitHub Actions builds and deploys releases to an Amazon ECR registry that stores Docker container images for the application service.
 * **Incident Management Service** — Incident management service (e.g. PagerDuty or Splunk On-Call) for managing on-call schedules and paging engineers for urgent production issues.
 * **NAT Gateway** — Enables outbound internet access for resources in private subnets.
+* **Pinpoint** — Amazon Pinpoint service used for sending email and SMS notifications to users.
 * **Secrets Manager** — Securely stores and retrieves sensitive information such as database credentials.
 * **Service** — Amazon ECS service running the application.
-* **SES** — Amazon SES (Simple Email Service) used for sending email notifications.
+* **SES** — Amazon SES used by Amazon Pinpoint for sending email notifications.
 * **Terraform Backend Bucket** — Amazon S3 bucket used to store terraform state files.
 * **Terraform State Locks DynamoDB Table** — Amazon DynamoDB table used to manage concurrent access to terraform state files.
 * **VPC Endpoints** — VPC endpoints are used by the Database Role Manager to access Amazon Services without traffic leaving the VPC.

infra/modules/domain/data/main.tf

@@ -8,7 +8,6 @@ data "aws_acm_certificate" "certificate" {
 }
 
 data "aws_route53_zone" "zone" {
-  count        = var.hosted_zone != null ? 1 : 0
-  name         = var.hosted_zone
-  private_zone = false
+  count = var.hosted_zone != null ? 1 : 0
+  name  = var.hosted_zone
 }