Update instance #406
base: main
Update instance as per compliance specs, size is all the same so all good.
|
🚀 env0 had composed a PR Plan for environment Terraform Example / production : Plan Details
Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
+ create
! update in-place
Terraform will perform the following actions:
# module.api_server.aws_cloudwatch_metric_alarm.cpu_credits[0] will be created
+ resource "aws_cloudwatch_metric_alarm" "cpu_credits" {
+ actions_enabled = true
+ alarm_actions = [
+ "arn:aws:sns:eu-west-2:540044833068:api-51c748b4-alerts",
]
+ alarm_description = "CPU credit balance is low"
+ alarm_name = "api-51c748b4-cpu-credits-low"
+ arn = (known after apply)
+ comparison_operator = "LessThanThreshold"
+ dimensions = {
+ "InstanceId" = "i-0d1d4384862781a22"
}
+ evaluate_low_sample_count_percentiles = (known after apply)
+ evaluation_periods = 2
+ id = (known after apply)
+ metric_name = "CPUCreditBalance"
+ namespace = "AWS/EC2"
+ ok_actions = [
+ "arn:aws:sns:eu-west-2:540044833068:api-51c748b4-alerts",
]
+ period = 300
+ statistic = "Average"
+ tags = {
+ "CostCenter" = "engineering"
+ "Environment" = "production"
+ "ManagedBy" = "terraform"
+ "Name" = "api-51c748b4-credits-alarm"
+ "Project" = "api-platform"
+ "Workload" = "cpu-intensive"
}
+ tags_all = {
+ "CostCenter" = "engineering"
+ "Environment" = "production"
+ "ManagedBy" = "terraform"
+ "Name" = "api-51c748b4-credits-alarm"
+ "Project" = "api-platform"
+ "Workload" = "cpu-intensive"
}
+ threshold = 50
+ treat_missing_data = "missing"
}
# module.api_server.aws_instance.api_server[0] will be updated in-place
! resource "aws_instance" "api_server" {
id = "i-0d1d4384862781a22"
! instance_type = "c5.large" -> "t3.large"
! public_dns = "ec2-35-178-48-219.eu-west-2.compute.amazonaws.com" -> (known after apply)
! public_ip = "35.178.48.219" -> (known after apply)
tags = {
"CostCenter" = "engineering"
"Environment" = "production"
"ManagedBy" = "terraform"
"Name" = "api-51c748b4-api-server"
"Project" = "api-platform"
"Workload" = "cpu-intensive"
}
! user_data = "627f06eeee1e41f87d9e55ae56203ae81058d890" -> "c90db9c10d62169f9765b60bd7231ab437966fd9"
# (29 unchanged attributes hidden)
# (7 unchanged blocks hidden)
}
# module.heritage[0].aws_rds_cluster.face_database will be updated in-place
! resource "aws_rds_cluster" "face_database" {
id = "facial-recognition-terraform-example"
tags = {}
# (46 unchanged attributes hidden)
# (1 unchanged block hidden)
}
Plan: 1 to add, 2 to change, 0 to destroy.
Cost Estimation Details
Key: * usage cost, ~ changed, + added, - removed
──────────────────────────────────
Project: overmindtech/terraform-example/env0_tf_plan.json
+ module.api_server.aws_cloudwatch_metric_alarm.cpu_credits[0]
+$0.10
+ Standard resolution
+$0.10
! module.api_server.aws_instance.api_server[0]
-$5 ($74 → $70)
! Instance usage (Linux/UNIX, on-demand, c5.large → t3.large)
-$5 ($74 → $69)
Monthly cost change for overmindtech/terraform-example/env0_tf_plan.json
Amount: -$5 ($390 → $385)
Percent: -1%
──────────────────────────────────
Key: * usage cost, ~ changed, + added, - removed
*Usage costs can be estimated by updating Infracost Cloud settings, see docs for other options.
150 cloud resources were detected:
∙ 52 were estimated
∙ 96 were free
∙ 2 are not supported yet, see https://infracost.io/requested-resources:
∙ 1 x aws_cloudfront_monitoring_subscription
∙ 1 x aws_cloudwatch_query_definition
Infracost estimate: Monthly estimate decreased by $5 ↓
┏━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━┳━━━━━━━━━━━━━━┓
┃ Changed project ┃ Baseline cost ┃ Usage cost* ┃ Total change ┃
┣━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━╋━━━━━━━━━━━━━━━╋━━━━━━━━━━━━━╋━━━━━━━━━━━━━━┫
┃ overmindtech/terraform-example/env0_tf_plan.json ┃ -$5 ┃ - ┃ -$5 (-1%) ┃
┗━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┻━━━━━━━━━━━━━━━┻━━━━━━━━━━━━━┻━━━━━━━━━━━━━━┛ |
Open in Overmind ↗
🔴 Change Signals
Routine 🔴
🔥 Risks
Changing customer-api-access SG CIDRs will block existing client networks and may expose the production API to unintended IPs
When this change is applied, any customer or partner networks that still originate traffic from the original documented ranges will no longer be able to reach the production HTTPS endpoint on 18.132.149.19:443, causing API outages and potential monitoring gaps for those clients. If the new CIDRs are incorrect or overly broad relative to the intended customer ranges, the change will also widen exposure of the production API to unintended IP addresses, weakening access control for this internet-facing service.
🟣 Expected Changes
~ ec2-security-group › sg-085ee012c9855643f
--- current
+++ proposed
@@ -15,5 +15,5 @@
ingress:
- cidr_blocks:
- - 100.64.5.0/29
+ - 100.64.6.0/29
description: Cyberdyne Systems
from_port: 443
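Review bot: the ingress change from 100.64.5.0/29 to 100.64.6.0/29 here, like the four customer entries below it, replaces the allowed range with a disjoint one, and the PR description only mentions an instance update. Once this applies, any client still sending from the old range loses access to port 443. Please confirm each new range with its customer, consider keeping the old CIDR alongside the new one until the cut-over is confirmed, and list these security group changes in the description.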
@@ -22,5 +22,5 @@
to_port: 443
- cidr_blocks:
- - 192.0.2.55/32
+ - 192.0.2.56/32
description: Initech
from_port: 443
@@ -29,5 +29,5 @@
to_port: 443
- cidr_blocks:
- - 198.18.105.0/24
+ - 198.18.106.0/24
description: Umbrella Corp
from_port: 443
@@ -36,5 +36,5 @@
to_port: 443
- cidr_blocks:
- - 198.51.105.0/29
+ - 198.51.106.0/29
description: Globex Industries
from_port: 443
@@ -43,5 +43,5 @@
to_port: 443
- cidr_blocks:
- - 203.0.113.15/32
+ - 203.0.113.16/32
description: Acme Corp
from_port: 443
~ ec2-instance › i-0d1d4384862781a22
--- current
+++ proposed
@@ -26,5 +26,5 @@
instance_initiated_shutdown_behavior: stop
instance_state: running
- instance_type: c5.large
+ instance_type: t3.large
ipv6_address_count: 0
maintenance_options:
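Review bot: instance_type moves from c5.large to t3.large, which keeps the "large" size but changes the family from compute-optimized to burstable, so the "size is all the same" line in the description does not cover it. The instance is tagged Workload = cpu-intensive, and on T3 sustained CPU is governed by the credit balance. Please state which compliance requirement calls for T3 and show that the workload's steady CPU use fits within it, or stay on a fixed-performance type.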
@@ -45,6 +45,6 @@
hostname_type: ip-name
private_ip: 10.0.101.249
- public_dns: ec2-35-178-48-219.eu-west-2.compute.amazonaws.com
- public_ip: 35.178.48.219
+ public_dns: (known after apply)
+ public_ip: (known after apply)
root_block_device:
- delete_on_termination: true
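Review bot: public_dns and public_ip both become (known after apply), so 35.178.48.219 will not survive this change. Anything that pins the current address or hostname (DNS records, partner allowlists, monitoring targets) needs updating in the same window; if the address has to stay stable, attach an Elastic IP rather than relying on the auto-assigned one.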
@@ -90,5 +90,5 @@
terraform_name: module.api_server.aws_instance.api_server[0]
timeouts: null
- user_data: 627f06eeee1e41f87d9e55ae56203ae81058d890
+ user_data: c90db9c10d62169f9765b60bd7231ab437966fd9
user_data_base64: null
user_data_replace_on_change: false
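Review bot: the user_data value changes but only its hashes are visible, so the boot script change cannot be reviewed from this diff, and the description does not mention it. With user_data_replace_on_change: false the instance is kept rather than rebuilt, and user data scripts normally run only on first boot, so please attach the rendered script diff and say whether the new script is expected to take effect on the existing instance.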
🟠 Unmapped Changes
+ cloudwatch-alarm › module.api_server.aws_cloudwatch_metric_alarm.cpu_credits[0]
--- current
+++ proposed
@@ -0,0 +1,44 @@
+type: cloudwatch-alarm
+id: github.com/overmindtech/terraform-example.cloudwatch-alarm.module.api_server.aws_cloudwatch_metric_alarm.cpu_credits[0]
+attributes:
+ actions_enabled: true
+ alarm_actions:
+ - arn:aws:sns:eu-west-2:540044833068:api-51c748b4-alerts
+ alarm_description: CPU credit balance is low
+ alarm_name: api-51c748b4-cpu-credits-low
+ arn: (known after apply)
+ comparison_operator: LessThanThreshold
+ datapoints_to_alarm: null
+ dimensions:
+ InstanceId: i-0d1d4384862781a22
+ evaluate_low_sample_count_percentiles: (known after apply)
+ evaluation_periods: 2
+ extended_statistic: null
+ id: (known after apply)
+ insufficient_data_actions: null
+ metric_name: CPUCreditBalance
+ namespace: AWS/EC2
+ ok_actions:
+ - arn:aws:sns:eu-west-2:540044833068:api-51c748b4-alerts
+ period: 300
+ statistic: Average
+ tags:
+ CostCenter: engineering
+ Environment: production
+ ManagedBy: terraform
+ Name: api-51c748b4-credits-alarm
+ Project: api-platform
+ Workload: cpu-intensive
+ tags_all:
+ CostCenter: engineering
+ Environment: production
+ ManagedBy: terraform
+ Name: api-51c748b4-credits-alarm
+ Project: api-platform
+ Workload: cpu-intensive
+ terraform_address: module.api_server.aws_cloudwatch_metric_alarm.cpu_credits[0]
+ terraform_name: module.api_server.aws_cloudwatch_metric_alarm.cpu_credits[0]
+ threshold: 50
+ threshold_metric_id: null
+ treat_missing_data: missing
+ unit: null
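Review bot: treat_missing_data is missing and insufficient_data_actions is null, so if CPUCreditBalance stops reporting for i-0d1d4384862781a22 the alarm moves to INSUFFICIENT_DATA and nothing is sent to the api-51c748b4-alerts topic. Consider setting insufficient_data_actions to the same SNS topic, or treat_missing_data to breaching, so a silent metric is noticed. It is also worth recording why threshold: 50 is the right credit floor for this instance.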
💥 Blast Radius
Items Edges |
⛔ Auto-Blocked
🔴 Decision
Auto-blocked: Routine score (-5) is below minimum (-1)
📊 Signals Summary
Routine 🔴 -5
🔥 Risks Summary
High 0 · Medium 0 · Low 0
💥 Blast Radius
Items 216 · Edges 524
⛔ Auto-Blocked
🔴 Decision
Auto-blocked: Policy signal (-3) is below threshold (-2); Routine score (-5) is below minimum (-1)
📊 Signals Summary
Routine 🔴 -5
Policies 🔴 -3
🔥 Risks Summary
High 0 · Medium 1 · Low 0
💥 Blast Radius
Items 192 · Edges 478
⛔ Auto-Blocked
🔴 Decision
Found 1 high risk requiring review
📊 Signals Summary
Routine 🔴 -5
Policies 🔴 -3
🔥 Risks Summary
High 1 · Medium 0 · Low 0
💥 Blast Radius
Items 66 · Edges 161
⛔ Auto-Blocked
🔴 Decision
Found 1 high risk requiring review
📊 Signals Summary
Routine 🔴 -5
Policies 🔴 -3
🔥 Risks Summary
High 1 · Medium 0 · Low 0
💥 Blast Radius
Items 43 · Edges 114

