Fixing newrelic deploy to new environment #1697
Merged
+588
−76
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
staging: common✅ Terraform Init: Plan: 4 to add, 7 to change, 4 to destroyShow summary
Show planResource actions are indicated with the following symbols:
~ update in-place
-/+ destroy and then create replacement
Terraform will perform the following actions:
# aws_cloudwatch_metric_stream.newrelic_metric_stream[0] will be imported
resource "aws_cloudwatch_metric_stream" "newrelic_metric_stream" {
arn = "arn:aws:cloudwatch:ca-central-1:239043911459:metric-stream/newrelic-metric-stream-staging"
creation_date = "2024-09-16T17:24:36Z"
firehose_arn = "arn:aws:firehose:ca-central-1:239043911459:deliverystream/newrelic_firehose_stream_staging"
id = "newrelic-metric-stream-staging"
include_linked_accounts_metrics = false
last_update_date = "2024-09-16T17:24:36Z"
name = "newrelic-metric-stream-staging"
name_prefix = null
output_format = "opentelemetry0.7"
role_arn = "arn:aws:iam::239043911459:role/newrelic_metric_stream_to_firehose_role_staging"
state = "running"
tags = {}
tags_all = {}
}
# aws_config_configuration_recorder_status.newrelic_recorder_status[0] will be imported
resource "aws_config_configuration_recorder_status" "newrelic_recorder_status" {
id = "aws-controltower-BaselineConfigRecorder"
is_enabled = true
name = "aws-controltower-BaselineConfigRecorder"
}
# aws_iam_policy.newrelic_aws_permissions[0] will be imported
resource "aws_iam_policy" "newrelic_aws_permissions" {
arn = "arn:aws:iam::239043911459:policy/NewRelicCloudStreamReadPermissions-staging"
attachment_count = 0
description = null
id = "arn:aws:iam::239043911459:policy/NewRelicCloudStreamReadPermissions-staging"
name = "NewRelicCloudStreamReadPermissions-staging"
name_prefix = null
path = "/"
policy = jsonencode(
{
Statement = [
{
Action = [
"budgets:ViewBudget",
"cloudtrail:LookupEvents",
"config:BatchGetResourceConfig",
"config:ListDiscoveredResources",
"ec2:DescribeInternetGateways",
"ec2:DescribeVpcs",
"ec2:DescribeNatGateways",
"ec2:DescribeVpcEndpoints",
"ec2:DescribeSubnets",
"ec2:DescribeNetworkAcls",
"ec2:DescribeVpcAttribute",
"ec2:DescribeRouteTables",
"ec2:DescribeSecurityGroups",
"ec2:DescribeVpcPeeringConnections",
"ec2:DescribeNetworkInterfaces",
"ec2:DescribeVpnConnections",
"health:DescribeAffectedEntities",
"health:DescribeEventDetails",
"health:DescribeEvents",
"tag:GetResources",
"xray:BatchGet*",
"xray:Get*",
]
Effect = "Allow"
Resource = "*"
},
]
Version = "2012-10-17"
}
)
policy_id = "ANPATPKBAT4R6HH6SD56U"
tags = {}
tags_all = {}
}
# aws_iam_role.firehose_newrelic_role[0] will be imported
resource "aws_iam_role" "firehose_newrelic_role" {
arn = "arn:aws:iam::239043911459:role/firehose_newrelic_role_staging"
assume_role_policy = jsonencode(
{
Statement = [
{
Action = "sts:AssumeRole"
Effect = "Allow"
Principal = {
Service = "firehose.amazonaws.com"
}
Sid = ""
},
]
Version = "2012-10-17"
}
)
create_date = "2024-07-24T12:57:52Z"
description = null
force_detach_policies = false
id = "firehose_newrelic_role_staging"
managed_policy_arns = []
max_session_duration = 3600
name = "firehose_newrelic_role_staging"
name_prefix = null
path = "/"
permissions_boundary = null
tags = {}
tags_all = {}
unique_id = "AROATPKBAT4RVSIX2UV5F"
}
# aws_iam_role.metric_stream_to_firehose[0] will be imported
resource "aws_iam_role" "metric_stream_to_firehose" {
arn = "arn:aws:iam::239043911459:role/newrelic_metric_stream_to_firehose_role_staging"
assume_role_policy = jsonencode(
{
Statement = [
{
Action = "sts:AssumeRole"
Effect = "Allow"
Principal = {
Service = "streams.metrics.cloudwatch.amazonaws.com"
}
Sid = ""
},
]
Version = "2012-10-17"
}
)
create_date = "2024-07-24T12:57:52Z"
description = null
force_detach_policies = false
id = "newrelic_metric_stream_to_firehose_role_staging"
managed_policy_arns = []
max_session_duration = 3600
name = "newrelic_metric_stream_to_firehose_role_staging"
name_prefix = null
path = "/"
permissions_boundary = null
tags = {}
tags_all = {}
unique_id = "AROATPKBAT4RWD2ZJBTFC"
inline_policy {
name = "default"
policy = jsonencode(
{
Statement = [
{
Action = [
"firehose:PutRecord",
"firehose:PutRecordBatch",
]
Effect = "Allow"
Resource = "arn:aws:firehose:ca-central-1:239043911459:deliverystream/newrelic_firehose_stream_staging"
},
]
Version = "2012-10-17"
}
)
}
}
# aws_iam_role.newrelic_aws_role[0] will be imported
resource "aws_iam_role" "newrelic_aws_role" {
arn = "arn:aws:iam::239043911459:role/NewRelicInfrastructure-Integrations-staging"
assume_role_policy = jsonencode(
{
Statement = [
{
Action = "sts:AssumeRole"
Condition = {
StringEquals = {
"sts:ExternalId" = "2691974"
}
}
Effect = "Allow"
Principal = {
AWS = "arn:aws:iam::754728514883:root"
}
},
]
Version = "2012-10-17"
}
)
create_date = "2024-07-24T12:57:52Z"
description = "New Relic Cloud integration role"
force_detach_policies = false
id = "NewRelicInfrastructure-Integrations-staging"
managed_policy_arns = [
"arn:aws:iam::aws:policy/ReadOnlyAccess",
]
max_session_duration = 3600
name = "NewRelicInfrastructure-Integrations-staging"
name_prefix = null
path = "/"
permissions_boundary = null
tags = {}
tags_all = {}
unique_id = "AROATPKBAT4R4KEQQ2LNQ"
}
# aws_iam_role.newrelic_configuration_recorder[0] will be imported
resource "aws_iam_role" "newrelic_configuration_recorder" {
arn = "arn:aws:iam::239043911459:role/newrelic_configuration_recorder-staging"
assume_role_policy = jsonencode(
{
Statement = [
{
Action = "sts:AssumeRole"
Effect = "Allow"
Principal = {
Service = "config.amazonaws.com"
}
Sid = ""
},
]
Version = "2012-10-17"
}
)
create_date = "2024-07-24T12:57:52Z"
description = null
force_detach_policies = false
id = "newrelic_configuration_recorder-staging"
managed_policy_arns = [
"arn:aws:iam::aws:policy/service-role/AWS_ConfigRole",
]
max_session_duration = 3600
name = "newrelic_configuration_recorder-staging"
name_prefix = null
path = "/"
permissions_boundary = null
tags = {}
tags_all = {}
unique_id = "AROATPKBAT4RZ2LLU6C5L"
inline_policy {
name = "newrelic-configuration-recorder-s3-staging"
policy = jsonencode(
{
Statement = [
{
Action = [
"s3:*",
]
Effect = "Allow"
Resource = [
"arn:aws:s3:::newrelic-configuration-recorder-9p5x8bkb",
"arn:aws:s3:::newrelic-configuration-recorder-9p5x8bkb/*",
]
},
]
Version = "2012-10-17"
}
)
}
}
# aws_iam_role_policy.metric_stream_to_firehose[0] will be imported
resource "aws_iam_role_policy" "metric_stream_to_firehose" {
id = "newrelic_metric_stream_to_firehose_role_staging:default"
name = "default"
name_prefix = null
policy = jsonencode(
{
Statement = [
{
Action = [
"firehose:PutRecord",
"firehose:PutRecordBatch",
]
Effect = "Allow"
Resource = "arn:aws:firehose:ca-central-1:239043911459:deliverystream/newrelic_firehose_stream_staging"
},
]
Version = "2012-10-17"
}
)
role = "newrelic_metric_stream_to_firehose_role_staging"
}
# aws_iam_role_policy.newrelic_configuration_recorder_s3[0] will be imported
resource "aws_iam_role_policy" "newrelic_configuration_recorder_s3" {
id = "newrelic_configuration_recorder-staging:newrelic-configuration-recorder-s3-staging"
name = "newrelic-configuration-recorder-s3-staging"
name_prefix = null
policy = jsonencode(
{
Statement = [
{
Action = [
"s3:*",
]
Effect = "Allow"
Resource = [
"arn:aws:s3:::newrelic-configuration-recorder-9p5x8bkb",
"arn:aws:s3:::newrelic-configuration-recorder-9p5x8bkb/*",
]
},
]
Version = "2012-10-17"
}
)
role = "newrelic_configuration_recorder-staging"
}
# aws_iam_role_policy_attachment.newrelic_aws_policy_attach[0] will be imported
resource "aws_iam_role_policy_attachment" "newrelic_aws_policy_attach" {
id = "NewRelicInfrastructure-Integrations-staging-arn:aws:iam::aws:policy/ReadOnlyAccess"
policy_arn = "arn:aws:iam::aws:policy/ReadOnlyAccess"
role = "NewRelicInfrastructure-Integrations-staging"
}
# aws_iam_role_policy_attachment.newrelic_configuration_recorder[0] will be imported
resource "aws_iam_role_policy_attachment" "newrelic_configuration_recorder" {
id = "newrelic_configuration_recorder-staging-arn:aws:iam::aws:policy/service-role/AWS_ConfigRole"
policy_arn = "arn:aws:iam::aws:policy/service-role/AWS_ConfigRole"
role = "newrelic_configuration_recorder-staging"
}
# aws_kinesis_firehose_delivery_stream.newrelic_firehose_stream[0] will be updated in-place
# (imported from "arn:aws:firehose:ca-central-1:239043911459:deliverystream/newrelic_firehose_stream_staging")
~ resource "aws_kinesis_firehose_delivery_stream" "newrelic_firehose_stream" {
arn = "arn:aws:firehose:ca-central-1:239043911459:deliverystream/newrelic_firehose_stream_staging"
destination = "http_endpoint"
destination_id = "destinationId-000000000001"
id = "arn:aws:firehose:ca-central-1:239043911459:deliverystream/newrelic_firehose_stream_staging"
name = "newrelic_firehose_stream_staging"
tags = {}
tags_all = {}
version_id = "1"
~ http_endpoint_configuration {
+ access_key = (sensitive value)
buffering_interval = 60
buffering_size = 1
name = "New Relic staging"
retry_duration = 300
role_arn = "arn:aws:iam::239043911459:role/firehose_newrelic_role_staging"
s3_backup_mode = "FailedDataOnly"
url = "https://aws-api.newrelic.com/cloudwatch-metrics/v1"
cloudwatch_logging_options {
enabled = false
log_group_name = null
log_stream_name = null
}
processing_configuration {
enabled = false
}
request_configuration {
content_encoding = "GZIP"
}
s3_configuration {
bucket_arn = "arn:aws:s3:::newrelic-aws-bucket-9p5x8bkb"
buffering_interval = 400
buffering_size = 10
compression_format = "GZIP"
error_output_prefix = null
kms_key_arn = null
prefix = null
role_arn = "arn:aws:iam::239043911459:role/firehose_newrelic_role_staging"
cloudwatch_logging_options {
enabled = false
log_group_name = null
log_stream_name = null
}
}
}
server_side_encryption {
enabled = false
key_arn = null
key_type = "AWS_OWNED_CMK"
}
}
# aws_s3_bucket.newrelic_aws_bucket[0] will be updated in-place
# (imported from "newrelic-aws-bucket-9p5x8bkb")
~ resource "aws_s3_bucket" "newrelic_aws_bucket" {
acceleration_status = null
arn = "arn:aws:s3:::newrelic-aws-bucket-9p5x8bkb"
bucket = "newrelic-aws-bucket-9p5x8bkb"
bucket_domain_name = "newrelic-aws-bucket-9p5x8bkb.s3.amazonaws.com"
bucket_prefix = null
bucket_regional_domain_name = "newrelic-aws-bucket-9p5x8bkb.s3.ca-central-1.amazonaws.com"
+ force_destroy = true
hosted_zone_id = "Z1QDHH18159H29"
id = "newrelic-aws-bucket-9p5x8bkb"
object_lock_enabled = false
policy = null
region = "ca-central-1"
request_payer = "BucketOwner"
tags = {}
tags_all = {}
grant {
id = "69e55cefe4e71d4930761796ca1b0184cad872eb794dd25fbfc366b4501a75f9"
permissions = [
"FULL_CONTROL",
]
type = "CanonicalUser"
uri = null
}
server_side_encryption_configuration {
rule {
bucket_key_enabled = false
apply_server_side_encryption_by_default {
kms_master_key_id = null
sse_algorithm = "AES256"
}
}
}
versioning {
enabled = false
mfa_delete = false
}
}
# aws_s3_bucket.newrelic_configuration_recorder_s3[0] will be updated in-place
# (imported from "newrelic-configuration-recorder-9p5x8bkb")
~ resource "aws_s3_bucket" "newrelic_configuration_recorder_s3" {
acceleration_status = null
arn = "arn:aws:s3:::newrelic-configuration-recorder-9p5x8bkb"
bucket = "newrelic-configuration-recorder-9p5x8bkb"
bucket_domain_name = "newrelic-configuration-recorder-9p5x8bkb.s3.amazonaws.com"
bucket_prefix = null
bucket_regional_domain_name = "newrelic-configuration-recorder-9p5x8bkb.s3.ca-central-1.amazonaws.com"
+ force_destroy = true
hosted_zone_id = "Z1QDHH18159H29"
id = "newrelic-configuration-recorder-9p5x8bkb"
object_lock_enabled = false
policy = null
region = "ca-central-1"
request_payer = "BucketOwner"
tags = {}
tags_all = {}
grant {
id = "69e55cefe4e71d4930761796ca1b0184cad872eb794dd25fbfc366b4501a75f9"
permissions = [
"FULL_CONTROL",
]
type = "CanonicalUser"
uri = null
}
server_side_encryption_configuration {
rule {
bucket_key_enabled = false
apply_server_side_encryption_by_default {
kms_master_key_id = null
sse_algorithm = "AES256"
}
}
}
versioning {
enabled = false
mfa_delete = false
}
}
# aws_s3_bucket_ownership_controls.newrelic_ownership_controls[0] will be imported
resource "aws_s3_bucket_ownership_controls" "newrelic_ownership_controls" {
bucket = "newrelic-aws-bucket-9p5x8bkb"
id = "newrelic-aws-bucket-9p5x8bkb"
rule {
object_ownership = "BucketOwnerEnforced"
}
}
# newrelic_api_access_key.newrelic_aws_access_key[0] will be updated in-place
# (imported from "5EA911F90B135B0D61DB4012CB0DC376CCC5017C98EB1688932254CDDAFD3443:USER")
~ resource "newrelic_api_access_key" "newrelic_aws_access_key" {
# Warning: this attribute value will be marked as sensitive and will not
# display in UI output after applying this change. The value is unchanged.
~ account_id = (sensitive value)
id = "5EA911F90B135B0D61DB4012CB0DC376CCC5017C98EB1688932254CDDAFD3443"
ingest_type = null
key = (sensitive value)
key_type = "USER"
name = "notify_tf_provider"
notes = "Used by Notify Terraform Code to create New Relic Resources"
user_id = 1005854589
}
# newrelic_cloud_aws_integrations.newrelic_cloud_integration_pull[0] will be updated in-place
# (imported from "225924")
~ resource "newrelic_cloud_aws_integrations" "newrelic_cloud_integration_pull" {
# Warning: this attribute value will be marked as sensitive and will not
# display in UI output after applying this change. The value is unchanged.
~ account_id = (sensitive value)
id = "225924"
linked_account_id = 225924
lambda {
aws_regions = []
fetch_tags = true
metrics_polling_interval = 300
tag_key = null
tag_value = null
}
}
# newrelic_cloud_aws_link_account.newrelic_cloud_integration_pull[0] will be updated in-place
# (imported from "225924")
~ resource "newrelic_cloud_aws_link_account" "newrelic_cloud_integration_pull" {
# Warning: this attribute value will be marked as sensitive and will not
# display in UI output after applying this change. The value is unchanged.
~ account_id = (sensitive value)
arn = "arn:aws:iam::239043911459:role/NewRelicInfrastructure-Integrations-staging"
id = "225924"
metric_collection_mode = "PULL"
name = "staging pull"
}
# newrelic_cloud_aws_link_account.newrelic_cloud_integration_push[0] will be updated in-place
# (imported from "225918")
~ resource "newrelic_cloud_aws_link_account" "newrelic_cloud_integration_push" {
# Warning: this attribute value will be marked as sensitive and will not
# display in UI output after applying this change. The value is unchanged.
~ account_id = (sensitive value)
arn = "arn:aws:iam::239043911459:role/NewRelicInfrastructure-Integrations-staging"
id = "225918"
metric_collection_mode = "PUSH"
name = "staging metric stream"
}
# random_string.s3-bucket-name[0] will be imported
resource "random_string" "s3-bucket-name" {
id = "9p5x8bkb"
length = 8
lower = true
min_lower = 0
min_numeric = 0
min_special = 0
min_upper = 0
number = true
numeric = true
result = "9p5x8bkb"
special = true
upper = true
}
# module.notify_slack_critical.module.lambda.null_resource.archive[0] must be replaced
-/+ resource "null_resource" "archive" {
~ id = "5801817950243449493" -> (known after apply)
~ triggers = { # forces replacement
~ "timestamp" = "1733857012979424000" -> "1733864418930205200"
# (1 unchanged element hidden)
}
}
# module.notify_slack_general.module.lambda.null_resource.archive[0] must be replaced
-/+ resource "null_resource" "archive" {
~ id = "7990239102769919938" -> (known after apply)
~ triggers = { # forces replacement
~ "timestamp" = "1733857005552769000" -> "1733864416836083800"
# (1 unchanged element hidden)
}
}
# module.notify_slack_ok.module.lambda.null_resource.archive[0] must be replaced
-/+ resource "null_resource" "archive" {
~ id = "2249059188079096236" -> (known after apply)
~ triggers = { # forces replacement
~ "timestamp" = "1733857012981217000" -> "1733864418982995000"
# (1 unchanged element hidden)
}
}
# module.notify_slack_warning.module.lambda.null_resource.archive[0] must be replaced
-/+ resource "null_resource" "archive" {
~ id = "6250908901871396134" -> (known after apply)
~ triggers = { # forces replacement
~ "timestamp" = "1733857013035610000" -> "1733864418906426000"
# (1 unchanged element hidden)
}
}
Plan: 20 to import, 4 to add, 7 to change, 4 to destroy.
Warning: Argument is deprecated
with aws_s3_bucket.csv_bucket,
on s3.tf line 5, in resource "aws_s3_bucket" "csv_bucket":
5: resource "aws_s3_bucket" "csv_bucket" {
Use the aws_s3_bucket_server_side_encryption_configuration resource instead
(and 65 more similar warnings elsewhere)
─────────────────────────────────────────────────────────────────────────────
Saved the plan to: plan.tfplan
To perform exactly these actions, run the following command to apply:
terraform apply "plan.tfplan"
Show Conftest resultsWARN - plan.json - main - Missing Common Tags: ["aws_athena_workgroup.ad_hoc"]
WARN - plan.json - main - Missing Common Tags: ["aws_athena_workgroup.build_tables"]
WARN - plan.json - main - Missing Common Tags: ["aws_athena_workgroup.primary"]
WARN - plan.json - main - Missing Common Tags: ["aws_athena_workgroup.support"]
WARN - plan.json - main - Missing Common Tags: ["aws_budgets_budget.notify_global"]
WARN - plan.json - main - Missing Common Tags: ["aws_cloudwatch_event_rule.aws_health[0]"]
WARN - plan.json - main - Missing Common Tags: ["aws_cloudwatch_log_group.route53_resolver_query_log[0]"]
WARN - plan.json - main - Missing Common Tags: ["aws_cloudwatch_log_group.sns_deliveries[0]"]
WARN - plan.json - main - Missing Common Tags: ["aws_cloudwatch_log_group.sns_deliveries_failures[0]"]
WARN - plan.json - main - Missing Common Tags: ["aws_cloudwatch_log_group.sns_deliveries_failures_us_west_2[0]"]
WARN - plan.json - main - Missing Common Tags: ["aws_cloudwatch_log_group.sns_deliveries_us_west_2[0]"]
WARN - plan.json - main - Missing Common Tags: ["aws_cloudwatch_metric_alarm.bulk-bulk-not-being-processed-critical[0]"]
WARN - plan.json - main - Missing Common Tags: ["aws_cloudwatch_metric_alarm.bulk-bulk-not-being-processed-warning[0]"]
WARN - plan.json - main - Missing Common Tags: ["aws_cloudwatch_metric_alarm.bulk-inflights-not-being-processed-critical[0]"]
WARN - plan.json - main - Missing Common Tags: ["aws_cloudwatch_metric_alarm.bulk-inflights-not-being-processed-warning[0]"]
WARN - plan.json - main - Missing Common Tags: ["aws_cloudwatch_metric_alarm.bulk-not-being-processed-critical[0]"]
WARN - plan.json - main - Missing Common Tags: ["aws_cloudwatch_metric_alarm.bulk-not-being-processed-warning[0]"]
WARN - plan.json - main - Missing Common Tags: ["aws_cloudwatch_metric_alarm.contact-3-500-error-15-minutes-critical[0]"]
WARN - plan.json - main - Missing Common Tags: ["aws_cloudwatch_metric_alarm.document-download-bucket-size-warning[0]"]
WARN - plan.json... |
staging: newrelic✅ Terraform Init: Plan: 0 to add, 0 to change, 1 to destroyShow summary
Show planResource actions are indicated with the following symbols:
- destroy
Terraform will perform the following actions:
# aws_cloudwatch_metric_stream.newrelic_metric_stream[0] will no longer be managed by Terraform, but will not be destroyed
# (destroy = false is set in the configuration)
. resource "aws_cloudwatch_metric_stream" "newrelic_metric_stream" {
id = "newrelic-metric-stream-staging"
name = "newrelic-metric-stream-staging"
tags = {}
# (10 unchanged attributes hidden)
}
# aws_config_configuration_recorder_status.newrelic_recorder_status[0] will no longer be managed by Terraform, but will not be destroyed
# (destroy = false is set in the configuration)
. resource "aws_config_configuration_recorder_status" "newrelic_recorder_status" {
id = "aws-controltower-BaselineConfigRecorder"
name = "aws-controltower-BaselineConfigRecorder"
# (1 unchanged attribute hidden)
}
# aws_iam_policy.newrelic_aws_permissions[0] will no longer be managed by Terraform, but will not be destroyed
# (destroy = false is set in the configuration)
. resource "aws_iam_policy" "newrelic_aws_permissions" {
id = "arn:aws:iam::239043911459:policy/NewRelicCloudStreamReadPermissions-staging"
name = "NewRelicCloudStreamReadPermissions-staging"
tags = {}
# (8 unchanged attributes hidden)
}
# aws_iam_role.firehose_newrelic_role[0] will no longer be managed by Terraform, but will not be destroyed
# (destroy = false is set in the configuration)
. resource "aws_iam_role" "firehose_newrelic_role" {
id = "firehose_newrelic_role_staging"
name = "firehose_newrelic_role_staging"
tags = {}
# (12 unchanged attributes hidden)
}
# aws_iam_role.metric_stream_to_firehose[0] will no longer be managed by Terraform, but will not be destroyed
# (destroy = false is set in the configuration)
. resource "aws_iam_role" "metric_stream_to_firehose" {
id = "newrelic_metric_stream_to_firehose_role_staging"
name = "newrelic_metric_stream_to_firehose_role_staging"
tags = {}
# (12 unchanged attributes hidden)
# (1 unchanged block hidden)
}
# aws_iam_role.newrelic_aws_role[0] will no longer be managed by Terraform, but will not be destroyed
# (destroy = false is set in the configuration)
. resource "aws_iam_role" "newrelic_aws_role" {
id = "NewRelicInfrastructure-Integrations-staging"
name = "NewRelicInfrastructure-Integrations-staging"
tags = {}
# (12 unchanged attributes hidden)
}
# aws_iam_role.newrelic_configuration_recorder[0] will no longer be managed by Terraform, but will not be destroyed
# (destroy = false is set in the configuration)
. resource "aws_iam_role" "newrelic_configuration_recorder" {
id = "newrelic_configuration_recorder-staging"
name = "newrelic_configuration_recorder-staging"
tags = {}
# (12 unchanged attributes hidden)
# (1 unchanged block hidden)
}
# aws_iam_role_policy.metric_stream_to_firehose[0] will no longer be managed by Terraform, but will not be destroyed
# (destroy = false is set in the configuration)
. resource "aws_iam_role_policy" "metric_stream_to_firehose" {
id = "newrelic_metric_stream_to_firehose_role_staging:default"
name = "default"
# (3 unchanged attributes hidden)
}
# aws_iam_role_policy.newrelic_configuration_recorder_s3[0] will no longer be managed by Terraform, but will not be destroyed
# (destroy = false is set in the configuration)
. resource "aws_iam_role_policy" "newrelic_configuration_recorder_s3" {
id = "newrelic_configuration_recorder-staging:newrelic-configuration-recorder-s3-staging"
name = "newrelic-configuration-recorder-s3-staging"
# (3 unchanged attributes hidden)
}
# aws_iam_role_policy_attachment.newrelic_aws_policy_attach[0] will no longer be managed by Terraform, but will not be destroyed
# (destroy = false is set in the configuration)
. resource "aws_iam_role_policy_attachment" "newrelic_aws_policy_attach" {
id = "NewRelicInfrastructure-Integrations-staging-20240726154748832100000001"
# (2 unchanged attributes hidden)
}
# aws_iam_role_policy_attachment.newrelic_configuration_recorder[0] will no longer be managed by Terraform, but will not be destroyed
# (destroy = false is set in the configuration)
. resource "aws_iam_role_policy_attachment" "newrelic_configuration_recorder" {
id = "newrelic_configuration_recorder-staging-20240724125752973100000002"
# (2 unchanged attributes hidden)
}
# aws_kinesis_firehose_delivery_stream.newrelic_firehose_stream[0] will no longer be managed by Terraform, but will not be destroyed
# (destroy = false is set in the configuration)
. resource "aws_kinesis_firehose_delivery_stream" "newrelic_firehose_stream" {
id = "arn:aws:firehose:ca-central-1:239043911459:deliverystream/newrelic_firehose_stream_staging"
name = "newrelic_firehose_stream_staging"
tags = {}
# (5 unchanged attributes hidden)
# (2 unchanged blocks hidden)
}
# aws_s3_bucket.newrelic_aws_bucket[0] will no longer be managed by Terraform, but will not be destroyed
# (destroy = false is set in the configuration)
. resource "aws_s3_bucket" "newrelic_aws_bucket" {
id = "newrelic-aws-bucket-9p5x8bkb"
tags = {}
# (13 unchanged attributes hidden)
# (3 unchanged blocks hidden)
}
# aws_s3_bucket.newrelic_configuration_recorder_s3[0] will no longer be managed by Terraform, but will not be destroyed
# (destroy = false is set in the configuration)
. resource "aws_s3_bucket" "newrelic_configuration_recorder_s3" {
id = "newrelic-configuration-recorder-9p5x8bkb"
tags = {}
# (13 unchanged attributes hidden)
# (3 unchanged blocks hidden)
}
# aws_s3_bucket_ownership_controls.newrelic_ownership_controls[0] will no longer be managed by Terraform, but will not be destroyed
# (destroy = false is set in the configuration)
. resource "aws_s3_bucket_ownership_controls" "newrelic_ownership_controls" {
id = "newrelic-aws-bucket-9p5x8bkb"
# (1 unchanged attribute hidden)
# (1 unchanged block hidden)
}
# newrelic_api_access_key.newrelic_aws_access_key[0] will no longer be managed by Terraform, but will not be destroyed
# (destroy = false is set in the configuration)
. resource "newrelic_api_access_key" "newrelic_aws_access_key" {
id = "9F996F93714DC951E0EE1F7FFCB41C1EAAFFD5F86D62617BAED5434772AA0CAA"
name = "Metric Stream Key for staging"
# (6 unchanged attributes hidden)
}
# newrelic_cloud_aws_integrations.newrelic_cloud_integration_pull[0] will no longer be managed by Terraform, but will not be destroyed
# (destroy = false is set in the configuration)
. resource "newrelic_cloud_aws_integrations" "newrelic_cloud_integration_pull" {
id = "225924"
# (2 unchanged attributes hidden)
# (1 unchanged block hidden)
}
# newrelic_cloud_aws_link_account.newrelic_cloud_integration_pull[0] will no longer be managed by Terraform, but will not be destroyed
# (destroy = false is set in the configuration)
. resource "newrelic_cloud_aws_link_account" "newrelic_cloud_integration_pull" {
id = "225924"
name = "staging pull"
# (3 unchanged attributes hidden)
}
# newrelic_cloud_aws_link_account.newrelic_cloud_integration_push[0] will no longer be managed by Terraform, but will not be destroyed
# (destroy = false is set in the configuration)
. resource "newrelic_cloud_aws_link_account" "newrelic_cloud_integration_push" {
id = "225918"
name = "staging metric stream"
# (3 unchanged attributes hidden)
}
# random_string.s3-bucket-name[0] will be destroyed
# (because random_string.s3-bucket-name is not in configuration)
- resource "random_string" "s3-bucket-name" {
- id = "9p5x8bkb" -> null
- length = 8 -> null
- lower = true -> null
- min_lower = 0 -> null
- min_numeric = 0 -> null
- min_special = 0 -> null
- min_upper = 0 -> null
- number = true -> null
- numeric = true -> null
- result = "9p5x8bkb" -> null
- special = false -> null
- upper = false -> null
}
Plan: 0 to add, 0 to change, 1 to destroy.
Warning: Some objects will no longer be managed by Terraform
If you apply this plan, Terraform will discard its tracking information for
the following objects, but it will not delete them:
- newrelic_cloud_aws_link_account.newrelic_cloud_integration_push[0]
- newrelic_api_access_key.newrelic_aws_access_key[0]
- newrelic_cloud_aws_link_account.newrelic_cloud_integration_pull[0]
- newrelic_cloud_aws_integrations.newrelic_cloud_integration_pull[0]
- aws_config_configuration_recorder_status.newrelic_recorder_status[0]
- aws_s3_bucket_ownership_controls.newrelic_ownership_controls[0]
- aws_iam_role.metric_stream_to_firehose[0]
- aws_s3_bucket.newrelic_aws_bucket[0]
- aws_iam_role.firehose_newrelic_role[0]
- aws_iam_role.newrelic_aws_role[0]
- aws_iam_role.newrelic_configuration_recorder[0]
- aws_iam_role_policy.newrelic_configuration_recorder_s3[0]
- aws_iam_role_policy.metric_stream_to_firehose[0]
- aws_iam_role_policy_attachment.newrelic_aws_policy_attach[0]
- aws_iam_policy.newrelic_aws_permissions[0]
- aws_iam_role_policy_attachment.newrelic_configuration_recorder[0]
- aws_kinesis_firehose_delivery_stream.newrelic_firehose_stream[0]
- aws_s3_bucket.newrelic_configuration_recorder_s3[0]
- aws_cloudwatch_metric_stream.newrelic_metric_stream[0]
After applying this plan, Terraform will no longer manage these objects. You
will need to import them into Terraform to manage them again.
─────────────────────────────────────────────────────────────────────────────
Saved the plan to: plan.tfplan
To perform exactly these actions, run the following command to apply:
terraform apply "plan.tfplan"
Show Conftest results20 tests, 20 passed, 0 warnings, 0 failures, 0 exceptions
|
P0NDER0SA
approved these changes
Dec 11, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary | Résumé
Had to move the AWS new relic integration point into common so that it's already there when it's time to apply newrelic alarms etc.
Related Issues | Cartes liées
My own free will
Before merging this PR
Read code suggestions left by the
cds-ai-codereviewer bot. Address
valid suggestions and shortly write down reasons to not address others. To help
with the classification of the comments, please use these reactions on each of the
comments made by the AI review:
The classifications will be extracted and summarized into an analysis of how helpful
or not the AI code review really is.
Test instructions | Instructions pour tester la modification
Tested in dev
Staging plan should show no destroys (may be small changes on import)
Release Instructions | Instructions pour le déploiement
Once this is released to staging, a new PR should be created to remove the removed.tf and import.tf
Reviewer checklist | Liste de vérification du réviseur