Update port

[dylanratcliffe]

This was request by the network team

[github-actions]

Expected Changes

lambda-function › example_lambda_function

--- current
+++ planned
@@ -1,48 +1 @@
-architectures:
-    - x86_64
-arn: arn:aws:lambda:eu-west-2:540044833068:function:example_lambda_function
-code_signing_config_arn: ""
-dead_letter_config: []
-description: ""
-environment: []
-ephemeral_storage:
-    - size: 512
-file_system_config: []
-filename: modules/scenarios/tmp/lambda_function.zip
-function_name: example_lambda_function
-handler: index.handler
-id: example_lambda_function
-image_config: []
-image_uri: ""
-invoke_arn: arn:aws:apigateway:eu-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:eu-west-2:540044833068:function:example_lambda_function/invocations
-kms_key_arn: ""
-last_modified: 2024-03-06T14:33:50.476+0000
-layers: []
-logging_config:
-    - application_log_level: ""
-      log_format: Text
-      log_group: /aws/lambda/example_lambda_function
-      system_log_level: ""
-memory_size: 128
-package_type: Zip
-publish: false
-qualified_arn: arn:aws:lambda:eu-west-2:540044833068:function:example_lambda_function:$LATEST
-qualified_invoke_arn: arn:aws:apigateway:eu-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:eu-west-2:540044833068:function:example_lambda_function:$LATEST/invocations
-reserved_concurrent_executions: -1
-role: arn:aws:iam::540044833068:role/example_lambda_iam_role
-runtime: nodejs20.x
-signing_job_arn: ""
-signing_profile_version_arn: ""
-skip_destroy: false
-snap_start: []
-source_code_hash: AL+rDzevWkbhiW0wn6Q5AAB5yT4FUg5XY0X1IQvX8y0=
-source_code_size: 270
-tags: {}
-tags_all: {}
-terraform_address: module.scenarios[0].aws_lambda_function.example
-terraform_name: module.scenarios[0].aws_lambda_function.example
-timeout: 3
-tracing_config:
-    - mode: PassThrough
-version: $LATEST
-vpc_config: []

s3-bucket › bucket-notification-test-example

--- current
+++ planned
@@ -1,14 +1 @@
-bucket: bucket-notification-test-example
-eventbridge: false
-id: bucket-notification-test-example
-lambda_function: []
-queue:
-    - events:
-        - s3:ObjectCreated:*
-      filter_prefix: ""
-      filter_suffix: ""
-      id: tf-s3-queue-20240314092112439100000001
-      queue_arn: arn:aws:sqs:eu-west-2:540044833068:example-notifications-from-s3
-terraform_address: module.scenarios[0].aws_s3_bucket_notification.bucket_notification
-terraform_name: module.scenarios[0].aws_s3_bucket_notification.bucket_notification
-topic: []

sns-topic › arn:aws:sns:eu-west-2:540044833068:example-topic

--- current
+++ planned
@@ -1,34 +1 @@
-application_failure_feedback_role_arn: ""
-application_success_feedback_role_arn: ""
-application_success_feedback_sample_rate: 0
-archive_policy: ""
-arn: arn:aws:sns:eu-west-2:540044833068:example-topic
-beginning_archive_time: ""
-content_based_deduplication: false
-delivery_policy: ""
-display_name: ""
-fifo_topic: false
-firehose_failure_feedback_role_arn: ""
-firehose_success_feedback_role_arn: ""
-firehose_success_feedback_sample_rate: 0
-http_failure_feedback_role_arn: ""
-http_success_feedback_role_arn: ""
-http_success_feedback_sample_rate: 0
-id: arn:aws:sns:eu-west-2:540044833068:example-topic
-kms_master_key_id: ""
-lambda_failure_feedback_role_arn: ""
-lambda_success_feedback_role_arn: ""
-lambda_success_feedback_sample_rate: 0
-name: example-topic
-name_prefix: ""
-owner: "540044833068"
-policy: '{"Id":"__default_policy_ID","Statement":[{"Action":["SNS:GetTopicAttributes","SNS:SetTopicAttributes","SNS:AddPermission","SNS:RemovePermission","SNS:DeleteTopic","SNS:Subscribe","SNS:ListSubscriptionsByTopic","SNS:Publish"],"Condition":{"StringEquals":{"AWS:SourceOwner":"540044833068"}},"Effect":"Allow","Principal":{"AWS":"*"},"Resource":"arn:aws:sns:eu-west-2:540044833068:example-topic","Sid":"__default_statement_ID"}],"Version":"2008-10-17"}'
-signature_version: 0
-sqs_failure_feedback_role_arn: ""
-sqs_success_feedback_role_arn: ""
-sqs_success_feedback_sample_rate: 0
-tags: {}
-tags_all: {}
-terraform_address: module.scenarios[0].aws_sns_topic.example_topic
-terraform_name: module.scenarios[0].aws_sns_topic.example_topic
-tracing_config: ""

sqs-queue › https://sqs.eu-west-2.amazonaws.com/540044833068/example-notifications-from-s3

--- current
+++ planned
@@ -1,24 +1 @@
-arn: arn:aws:sqs:eu-west-2:540044833068:example-notifications-from-s3
-content_based_deduplication: false
-deduplication_scope: ""
-delay_seconds: 0
-fifo_queue: false
-fifo_throughput_limit: ""
-id: https://sqs.eu-west-2.amazonaws.com/540044833068/example-notifications-from-s3
-kms_data_key_reuse_period_seconds: 300
-kms_master_key_id: ""
-max_message_size: 262144
-message_retention_seconds: 345600
-name: example-notifications-from-s3
-name_prefix: ""
-policy: '{"Id":"arn:aws:sqs:eu-west-2:540044833068:example-notifications-from-s3/SQSPolicy","Statement":[{"Action":"SQS:SendMessage","Condition":{"ArnEquals":{"aws:SourceArn":"arn:aws:s3:::bucket-notification-test-example"}},"Effect":"Allow","Principal":"*","Resource":"arn:aws:sqs:eu-west-2:540044833068:example-notifications-from-s3","Sid":"AllowS3BucketNotification"}],"Version":"2012-10-17"}'
-receive_wait_time_seconds: 0
-redrive_allow_policy: ""
-redrive_policy: ""
-sqs_managed_sse_enabled: true
-tags: {}
-tags_all: {}
-terraform_address: module.scenarios[0].aws_sqs_queue.my_queue
-terraform_name: module.scenarios[0].aws_sqs_queue.my_queue
-url: https://sqs.eu-west-2.amazonaws.com/540044833068/example-notifications-from-s3
-visibility_timeout_seconds: 30

ecs-task-definition › facial-recognition

--- current
+++ planned
@@ -1,26 +1,16 @@
-arn: arn:aws:ecs:eu-west-2:540044833068:task-definition/facial-recognition:48
-arn_without_revision: arn:aws:ecs:eu-west-2:540044833068:task-definition/facial-recognition
-container_definitions: '[{"cpu":1024,"environment":[],"essential":true,"healthCheck":{"command":["CMD-SHELL","wget -q --spider localhost:1234"],"interval":30,"retries":3,"timeout":5},"image":"harshmanvar/face-detection-tensorjs:slim-amd","memory":2048,"mountPoints":[],"name":"facial-recognition","portMappings":[{"appProtocol":"http","containerPort":1234,"hostPort":1234,"protocol":"tcp"}],"volumesFrom":[]}]'
+container_definitions: '[{"cpu":1024,"environment":[],"essential":true,"healthCheck":{"command":["CMD-SHELL","wget -q --spider localhost:4321"],"interval":30,"retries":3,"timeout":5},"image":"harshmanvar/face-detection-tensorjs:slim-amd","memory":2048,"mountPoints":[],"name":"facial-recognition","portMappings":[{"appProtocol":"http","containerPort":1234}],"volumesFrom":[]}]'
 cpu: "1024"
 ephemeral_storage: []
-execution_role_arn: ""
 family: facial-recognition
-id: facial-recognition
 inference_accelerator: []
-ipc_mode: ""
 memory: "2048"
 network_mode: awsvpc
-pid_mode: ""
 placement_constraints: []
 proxy_configuration: []
 requires_compatibilities:
     - FARGATE
-revision: 48
 runtime_platform: []
 skip_destroy: false
-tags: {}
-tags_all: {}
-task_role_arn: ""
 terraform_address: module.loom[0].aws_ecs_task_definition.face
 terraform_name: module.loom[0].aws_ecs_task_definition.face
 track_latest: false

elbv2-target-group › asg-new-change-tg

--- current
+++ planned
@@ -1,41 +1 @@
-arn: arn:aws:elasticloadbalancing:eu-west-2:540044833068:targetgroup/asg-new-change-tg/93b7bc3e3ad8ed46
-arn_suffix: targetgroup/asg-new-change-tg/93b7bc3e3ad8ed46
-deregistration_delay: "300"
-health_check:
-    - enabled: true
-      healthy_threshold: 3
-      interval: 30
-      matcher: "200"
-      path: /
-      port: traffic-port
-      protocol: HTTP
-      timeout: 5
-      unhealthy_threshold: 3
-id: arn:aws:elasticloadbalancing:eu-west-2:540044833068:targetgroup/asg-new-change-tg/93b7bc3e3ad8ed46
-ip_address_type: ipv4
-lambda_multi_value_headers_enabled: false
-load_balancing_algorithm_type: round_robin
-load_balancing_anomaly_mitigation: "off"
-load_balancing_cross_zone_enabled: use_load_balancer_configuration
-name: asg-new-change-tg
-name_prefix: ""
-port: 80
-protocol: HTTP
-protocol_version: HTTP1
-proxy_protocol_v2: false
-slow_start: 0
-stickiness:
-    - cookie_duration: 86400
-      cookie_name: ""
-      enabled: false
-      type: lb_cookie
-tags: {}
-tags_all: {}
-target_failover:
-    - {}
-target_health_state:
-    - {}
-target_type: instance
-terraform_address: module.scenarios[0].aws_lb_target_group.my_new_target_group
-terraform_name: module.scenarios[0].aws_lb_target_group.my_new_target_group
-vpc_id: vpc-04eb3a738ef8488db

elbv2-target-group › asg-change-tg

--- current
+++ planned
@@ -1,41 +1 @@
-arn: arn:aws:elasticloadbalancing:eu-west-2:540044833068:targetgroup/asg-change-tg/f558dcbbd9e9b1f2
-arn_suffix: targetgroup/asg-change-tg/f558dcbbd9e9b1f2
-deregistration_delay: "300"
-health_check:
-    - enabled: true
-      healthy_threshold: 3
-      interval: 30
-      matcher: "200"
-      path: /
-      port: traffic-port
-      protocol: HTTP
-      timeout: 5
-      unhealthy_threshold: 3
-id: arn:aws:elasticloadbalancing:eu-west-2:540044833068:targetgroup/asg-change-tg/f558dcbbd9e9b1f2
-ip_address_type: ipv4
-lambda_multi_value_headers_enabled: false
-load_balancing_algorithm_type: round_robin
-load_balancing_anomaly_mitigation: "off"
-load_balancing_cross_zone_enabled: use_load_balancer_configuration
-name: asg-change-tg
-name_prefix: ""
-port: 80
-protocol: HTTP
-protocol_version: HTTP1
-proxy_protocol_v2: false
-slow_start: 0
-stickiness:
-    - cookie_duration: 86400
-      cookie_name: ""
-      enabled: false
-      type: lb_cookie
-tags: {}
-tags_all: {}
-target_failover:
-    - {}
-target_health_state:
-    - {}
-target_type: instance
-terraform_address: module.scenarios[0].aws_lb_target_group.my_target_group
-terraform_name: module.scenarios[0].aws_lb_target_group.my_target_group
-vpc_id: vpc-04eb3a738ef8488db

Unmapped Changes

Note

These changes couldn't be mapped to a real cloud resource and therefore won't be included in the blast radius calculation.

ec2-instance › module.scenarios[0].aws_instance.example_1

--- current
+++ planned
@@ -1,86 +1 @@
-ami: ami-0f7ebe5d40025f8f0
-arn: arn:aws:ec2:eu-west-2:540044833068:instance/i-0673dd05e7f2777ec
-associate_public_ip_address: true
-availability_zone: eu-west-2a
-capacity_reservation_specification:
-    - capacity_reservation_preference: open
-      capacity_reservation_target: []
-cpu_core_count: 1
-cpu_options:
-    - amd_sev_snp: ""
-      core_count: 1
-      threads_per_core: 2
-cpu_threads_per_core: 2
-credit_specification:
-    - cpu_credits: unlimited
-disable_api_stop: false
-disable_api_termination: false
-ebs_block_device: []
-ebs_optimized: false
-enclave_options:
-    - enabled: false
-ephemeral_block_device: []
-get_password_data: false
-hibernation: false
-host_id: ""
-iam_instance_profile: ""
-id: i-0673dd05e7f2777ec
-instance_initiated_shutdown_behavior: stop
-instance_lifecycle: ""
-instance_market_options: []
-instance_state: running
-instance_type: t3.micro
-ipv6_address_count: 0
-ipv6_addresses: []
-key_name: ""
-launch_template: []
-maintenance_options:
-    - auto_recovery: default
-metadata_options:
-    - http_endpoint: enabled
-      http_protocol_ipv6: disabled
-      http_put_response_hop_limit: 1
-      http_tokens: optional
-      instance_metadata_tags: disabled
-monitoring: false
-network_interface: []
-outpost_arn: ""
-password_data: ""
-placement_group: ""
-placement_partition_number: 0
-primary_network_interface_id: eni-0685f7ff855e6c322
-private_dns: ip-172-31-19-238.eu-west-2.compute.internal
-private_dns_name_options:
-    - enable_resource_name_dns_a_record: false
-      enable_resource_name_dns_aaaa_record: false
-      hostname_type: ip-name
-private_ip: 172.31.19.238
-public_dns: ec2-3-8-133-156.eu-west-2.compute.amazonaws.com
-public_ip: 3.8.133.156
-root_block_device:
-    - delete_on_termination: true
-      device_name: /dev/xvda
-      encrypted: false
-      iops: 0
-      kms_key_id: ""
-      tags: {}
-      throughput: 0
-      volume_id: vol-0695a45c5e15a589b
-      volume_size: 8
-      volume_type: standard
-secondary_private_ips: []
-security_groups:
-    - default
-source_dest_check: true
-spot_instance_request_id: ""
-subnet_id: subnet-0435f45b197666342
-tags:
-    Name: SG Removal Example Instance 1
-tags_all:
-    Name: SG Removal Example Instance 1
-tenancy: default
-terraform_address: module.scenarios[0].aws_instance.example_1
-terraform_name: module.scenarios[0].aws_instance.example_1
-user_data_replace_on_change: false
-vpc_security_group_ids:
-    - sg-0948cdc916d1efffd

ec2-instance › module.scenarios[0].aws_instance.example_2

--- current
+++ planned
@@ -1,86 +1 @@
-ami: ami-0f7ebe5d40025f8f0
-arn: arn:aws:ec2:eu-west-2:540044833068:instance/i-07266c3f25d63988c
-associate_public_ip_address: true
-availability_zone: eu-west-2a
-capacity_reservation_specification:
-    - capacity_reservation_preference: open
-      capacity_reservation_target: []
-cpu_core_count: 1
-cpu_options:
-    - amd_sev_snp: ""
-      core_count: 1
-      threads_per_core: 2
-cpu_threads_per_core: 2
-credit_specification:
-    - cpu_credits: unlimited
-disable_api_stop: false
-disable_api_termination: false
-ebs_block_device: []
-ebs_optimized: false
-enclave_options:
-    - enabled: false
-ephemeral_block_device: []
-get_password_data: false
-hibernation: false
-host_id: ""
-iam_instance_profile: ""
-id: i-07266c3f25d63988c
-instance_initiated_shutdown_behavior: stop
-instance_lifecycle: ""
-instance_market_options: []
-instance_state: running
-instance_type: t3.micro
-ipv6_address_count: 0
-ipv6_addresses: []
-key_name: ""
-launch_template: []
-maintenance_options:
-    - auto_recovery: default
-metadata_options:
-    - http_endpoint: enabled
-      http_protocol_ipv6: disabled
-      http_put_response_hop_limit: 1
-      http_tokens: optional
-      instance_metadata_tags: disabled
-monitoring: false
-network_interface: []
-outpost_arn: ""
-password_data: ""
-placement_group: ""
-placement_partition_number: 0
-primary_network_interface_id: eni-074cf943be8740db2
-private_dns: ip-172-31-30-114.eu-west-2.compute.internal
-private_dns_name_options:
-    - enable_resource_name_dns_a_record: false
-      enable_resource_name_dns_aaaa_record: false
-      hostname_type: ip-name
-private_ip: 172.31.30.114
-public_dns: ec2-18-170-27-94.eu-west-2.compute.amazonaws.com
-public_ip: 18.170.27.94
-root_block_device:
-    - delete_on_termination: true
-      device_name: /dev/xvda
-      encrypted: false
-      iops: 0
-      kms_key_id: ""
-      tags: {}
-      throughput: 0
-      volume_id: vol-09442cfe5423a130a
-      volume_size: 8
-      volume_type: standard
-secondary_private_ips: []
-security_groups:
-    - default
-source_dest_check: true
-spot_instance_request_id: ""
-subnet_id: subnet-0435f45b197666342
-tags:
-    Name: SG Removal Example Instance 1
-tags_all:
-    Name: SG Removal Example Instance 1
-tenancy: default
-terraform_address: module.scenarios[0].aws_instance.example_2
-terraform_name: module.scenarios[0].aws_instance.example_2
-user_data_replace_on_change: false
-vpc_security_group_ids:
-    - sg-0948cdc916d1efffd

ec2-launch-template › module.scenarios[0].aws_launch_template.my_launch_template

--- current
+++ planned
@@ -1,42 +1 @@
-arn: arn:aws:ec2:eu-west-2:540044833068:launch-template/lt-09ccba9b2f966db6c
-block_device_mappings: []
-capacity_reservation_specification: []
-cpu_options: []
-credit_specification: []
-default_version: 1
-description: ""
-disable_api_stop: false
-disable_api_termination: false
-ebs_optimized: ""
-elastic_gpu_specifications: []
-elastic_inference_accelerator: []
-enclave_options: []
-hibernation_options: []
-iam_instance_profile: []
-id: lt-09ccba9b2f966db6c
-image_id: ami-0171207a7acd2a570
-instance_initiated_shutdown_behavior: ""
-instance_market_options: []
-instance_requirements: []
-instance_type: t2.micro
-kernel_id: ""
-key_name: ""
-latest_version: 1
-license_specification: []
-maintenance_options: []
-metadata_options: []
-monitoring: []
-name: asg-change-launch-template20240305124154601000000001
-name_prefix: asg-change-launch-template
-network_interfaces: []
-placement: []
-private_dns_name_options: []
-ram_disk_id: ""
-security_group_names: []
-tag_specifications: []
-tags: {}
-tags_all: {}
-terraform_address: module.scenarios[0].aws_launch_template.my_launch_template
-terraform_name: module.scenarios[0].aws_launch_template.my_launch_template
-user_data: ""
-vpc_security_group_ids: []

ec2-security-group › module.scenarios[0].aws_security_group.allow_access

--- current
+++ planned
@@ -1,34 +1 @@
-arn: arn:aws:ec2:eu-west-2:540044833068:security-group/sg-0f1f5b67c1f8187e8
-description: Allow access security group
-egress:
-    - cidr_blocks:
-        - 0.0.0.0/0
-      description: ""
-      from_port: 0
-      ipv6_cidr_blocks: []
-      prefix_list_ids: []
-      protocol: "-1"
-      security_groups: []
-      self: false
-      to_port: 0
-id: sg-0f1f5b67c1f8187e8
-ingress:
-    - cidr_blocks:
-        - 0.0.0.0/0
-      description: ""
-      from_port: 22
-      ipv6_cidr_blocks: []
-      prefix_list_ids: []
-      protocol: tcp
-      security_groups: []
-      self: false
-      to_port: 22
-name: allow_access
-name_prefix: ""
-owner_id: "540044833068"
-revoke_rules_on_delete: false
-tags: {}
-tags_all: {}
-terraform_address: module.scenarios[0].aws_security_group.allow_access
-terraform_name: module.scenarios[0].aws_security_group.allow_access
-vpc_id: vpc-04eb3a738ef8488db

autoscaling-auto-scaling-group › module.scenarios[0].aws_autoscaling_group.my_asg

--- current
+++ planned
@@ -1,50 +1 @@
-arn: arn:aws:autoscaling:eu-west-2:540044833068:autoScalingGroup:ab16241d-5984-40ab-aced-684dc1e9a7b1:autoScalingGroupName/asg-change-test-asg
-availability_zones:
-    - eu-west-2a
-capacity_rebalance: false
-context: ""
-default_cooldown: 300
-default_instance_warmup: 0
-desired_capacity: 1
-desired_capacity_type: ""
-enabled_metrics: []
-force_delete: false
-force_delete_warm_pool: false
-health_check_grace_period: 300
-health_check_type: EC2
-id: asg-change-test-asg
-ignore_failed_scaling_activities: false
-initial_lifecycle_hook: []
-instance_maintenance_policy: []
-instance_refresh: []
-launch_configuration: ""
-launch_template:
-    - id: lt-09ccba9b2f966db6c
-      name: asg-change-launch-template20240305124154601000000001
-      version: $Latest
-load_balancers: []
-max_instance_lifetime: 0
-max_size: 2
-metrics_granularity: 1Minute
-min_size: 0
-mixed_instances_policy: []
-name: asg-change-test-asg
-name_prefix: ""
-placement_group: ""
-predicted_capacity: 0
-protect_from_scale_in: false
-service_linked_role_arn: arn:aws:iam::540044833068:role/aws-service-role/autoscaling.amazonaws.com/AWSServiceRoleForAutoScaling
-suspended_processes: []
-tag: []
-target_group_arns:
-    - arn:aws:elasticloadbalancing:eu-west-2:540044833068:targetgroup/asg-change-tg/f558dcbbd9e9b1f2
-termination_policies: []
-terraform_address: module.scenarios[0].aws_autoscaling_group.my_asg
-terraform_name: module.scenarios[0].aws_autoscaling_group.my_asg
-traffic_source:
-    - identifier: arn:aws:elasticloadbalancing:eu-west-2:540044833068:targetgroup/asg-change-tg/f558dcbbd9e9b1f2
-      type: elbv2
-vpc_zone_identifier: []
-wait_for_capacity_timeout: 10m
-warm_pool: []
-warm_pool_size: 0

iam-role › module.scenarios[0].aws_iam_role.lambda_iam_role

--- current
+++ planned
@@ -1,18 +1 @@
-arn: arn:aws:iam::540044833068:role/example_lambda_iam_role
-assume_role_policy: '{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"},"Sid":""}],"Version":"2012-10-17"}'
-create_date: "2024-03-06T14:33:41Z"
-description: ""
-force_detach_policies: false
-id: example_lambda_iam_role
-inline_policy: []
-managed_policy_arns: []
-max_session_duration: 3600
-name: example_lambda_iam_role
-name_prefix: ""
-path: /
-permissions_boundary: ""
-tags: {}
-tags_all: {}
-terraform_address: module.scenarios[0].aws_iam_role.lambda_iam_role
-terraform_name: module.scenarios[0].aws_iam_role.lambda_iam_role
-unique_id: AROAX3PJOGEWHPKFEFRSV

s3-bucket › module.scenarios[0].aws_s3_bucket.my_bucket

--- current
+++ planned
@@ -1,39 +1 @@
-acceleration_status: ""
-acl: private
-arn: arn:aws:s3:::bucket-notification-test-example
-bucket: bucket-notification-test-example
-bucket_domain_name: bucket-notification-test-example.s3.amazonaws.com
-bucket_prefix: ""
-bucket_regional_domain_name: bucket-notification-test-example.s3.eu-west-2.amazonaws.com
-cors_rule: []
-force_destroy: false
-grant:
-    - id: 05d918fa182ad8f3fa915436354b8657e3c2c59b326ecbfc43e6c00451268d0a
-      permissions:
-        - FULL_CONTROL
-      type: CanonicalUser
-      uri: ""
-hosted_zone_id: Z3GKZC51ZF0DB4
-id: bucket-notification-test-example
-lifecycle_rule: []
-logging: []
-object_lock_configuration: []
-object_lock_enabled: false
-policy: ""
-region: eu-west-2
-replication_configuration: []
-request_payer: BucketOwner
-server_side_encryption_configuration:
-    - rule:
-        - apply_server_side_encryption_by_default:
-            - kms_master_key_id: ""
-              sse_algorithm: AES256
-          bucket_key_enabled: false
-tags: {}
-tags_all: {}
-terraform_address: module.scenarios[0].aws_s3_bucket.my_bucket
-terraform_name: module.scenarios[0].aws_s3_bucket.my_bucket
-versioning:
-    - enabled: false
-      mfa_delete: false
-website: []

aws_sqs_queue_policy › module.scenarios[0].aws_sqs_queue_policy.my_queue_policy

--- current
+++ planned
@@ -1,5 +1 @@
-id: https://sqs.eu-west-2.amazonaws.com/540044833068/example-notifications-from-s3
-policy: '{"Id":"arn:aws:sqs:eu-west-2:540044833068:example-notifications-from-s3/SQSPolicy","Statement":[{"Action":"SQS:SendMessage","Condition":{"ArnEquals":{"aws:SourceArn":"arn:aws:s3:::bucket-notification-test-example"}},"Effect":"Allow","Principal":"*","Resource":"arn:aws:sqs:eu-west-2:540044833068:example-notifications-from-s3","Sid":"AllowS3BucketNotification"}],"Version":"2012-10-17"}'
-queue_url: https://sqs.eu-west-2.amazonaws.com/540044833068/example-notifications-from-s3
-terraform_address: module.scenarios[0].aws_sqs_queue_policy.my_queue_policy
-terraform_name: module.scenarios[0].aws_sqs_queue_policy.my_queue_policy

Blast Radius

Items	Edges
11	4

Open in Overmind

Risks

Application Not Listening on the Updated Port [High]

After altering the health check command to use port 4321 instead of 1234, there's a significant risk that the application hasn't been reconfigured to listen on the new port. Given the current configuration of the ECS facial-recognition task, which specifies the container to expose and listen on port 1234, this change will lead to health check failures if not addressed. Continuous health check failures can cause the ECS service to repeatedly restart the task, potentially leading to service disruption or downtime.

To mitigate this risk, ensure the application configuration within the ECS task is updated and thoroughly tested to confirm it's listening on port 4321. Implement blue-green deployment or canary release strategies to reduce the potential impact.

Monitoring and Alerting Configuration Out-of-Sync [Medium]

Monitoring and alerting setups designed around the assumption that the application responds on port 1234 will need an update to align with the port change to 4321. Failure to update these configurations could lead to missed alerts or false alarms as the monitoring tools might not be able to accurately assess the health or performance of the application post-update.

Ensure all related monitoring and alerting configurations are reviewed and adjusted accordingly to factor in the new port. This synchronization should occur in tandem with the Terraform deployment to maintain observability integrity.

Dependent Services Communication Failure [Medium]

Services or tasks interacting with the facial-recognition ECS task might face communication issues post-update if they have hardcoded references to the old port (1234). Given the system's current state, if any such dependencies are not identified and rectified to accommodate the new port (4321), this could lead to partial or complete failure in inter-service communications, adversely affecting the application's functionality.

A comprehensive dependency audit is recommended to identify and update hardcoded references or configurations accordingly. This would ensure seamless communication between the facial-recognition service and its dependents.

Resource Allocation and Port Conflict [Low]

While less common, changing the health check port could theoretically lead to resource allocation issues or port conflicts within the ECS cluster, especially if port 4321 is already reserved or in use by another service within the same network space. Given the current state does not indicate such a conflict, the probability remains low but not impossible.

Review the ECS cluster and container instance configurations to preemptively identify any potential port conflicts or resource constraints introduced by the health check port change. Utilize ECS task placement strategies to optimize for available resources and prevent conflicts.