diff --git a/.env.example b/.env.example
index b0399a9..95657e4 100644
--- a/.env.example
+++ b/.env.example
@@ -20,4 +20,4 @@ NEXT_PUBLIC_API_URL_PROXY=
# UI Specific for integration tests
DOMAIN=
-RESOURCE_PREFIX=
\ No newline at end of file
+RESOURCE_PREFIX=
diff --git a/.github/workflows/dev.yml b/.github/workflows/dev.yml
index 3835c6e..72c4d25 100644
--- a/.github/workflows/dev.yml
+++ b/.github/workflows/dev.yml
@@ -3,7 +3,7 @@ name: rAPId Dev Deployment
on:
push:
branches:
- - "**"
+ - '**'
workflow_dispatch:
@@ -25,8 +25,8 @@ jobs:
- name: Setup Python
uses: actions/setup-python@v4
with:
- python-version: "3.10"
- cache: "pip"
+ python-version: '3.10'
+ cache: 'pip'
- run: pip install -r requirements.txt
@@ -79,8 +79,8 @@ jobs:
- name: Setup Python
uses: actions/setup-python@v4
with:
- python-version: "3.10"
- cache: "pip"
+ python-version: '3.10'
+ cache: 'pip'
- name: Setup Python Environment
run: |
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 65a0807..c82597a 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -24,8 +24,8 @@ jobs:
- name: Setup Python
uses: actions/setup-python@v4
with:
- python-version: "3.10"
- cache: "pip"
+ python-version: '3.10'
+ cache: 'pip'
- run: pip install -r requirements.txt
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 1b432be..e1997dd 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -51,8 +51,8 @@ jobs:
- name: Setup Python
uses: actions/setup-python@v4
with:
- python-version: "3.10"
- cache: "pip"
+ python-version: '3.10'
+ cache: 'pip'
- name: Setup Python Environment
run: |
diff --git a/.github/workflows/scheduled-vulnerability-check.yml b/.github/workflows/scheduled-vulnerability-check.yml
index d23d235..cba5212 100644
--- a/.github/workflows/scheduled-vulnerability-check.yml
+++ b/.github/workflows/scheduled-vulnerability-check.yml
@@ -1,7 +1,7 @@
name: Scheduled api vulnerability scan results check
on:
schedule:
- - cron: "0 9,15 * * *"
+ - cron: '0 9,15 * * *'
workflow_dispatch:
@@ -13,16 +13,13 @@ jobs:
- uses: actions/checkout@v3
- name: Export env vars
- run:
- cp ./.github/.github.env .env
+ run: cp ./.github/.github.env .env
- name: Export AWS_ACCOUNT
- run:
- echo AWS_ACCOUNT=${{ secrets.AWS_ACCOUNT }} >> .env
+ run: echo AWS_ACCOUNT=${{ secrets.AWS_ACCOUNT }} >> .env
- name: Export AWS_REGION
- run:
- echo AWS_REGION=${{ secrets.AWS_REGION }} >> .env
+ run: echo AWS_REGION=${{ secrets.AWS_REGION }} >> .env
- name: Check for vulnerabilities
run: make api-scheduled-prod-scan
diff --git a/.github/workflows/ui-tests.yml b/.github/workflows/ui-tests.yml
index adadd61..6a88e87 100644
--- a/.github/workflows/ui-tests.yml
+++ b/.github/workflows/ui-tests.yml
@@ -31,6 +31,6 @@ jobs:
- name: Run playwright tests
run: make ui-test-e2e
env:
- DOMAIN_NAME: "https://${{ secrets.DOMAIN_NAME }}"
+ DOMAIN_NAME: 'https://${{ secrets.DOMAIN_NAME }}'
RESOURCE_PREFIX: ${{ secrets.RESOURCE_PREFIX }}
AWS_REGION: ${{ secrets.AWS_REGION }}
diff --git a/.gitignore b/.gitignore
index b8e63d4..b0a0c68 100644
--- a/.gitignore
+++ b/.gitignore
@@ -184,4 +184,4 @@ docs/_build/
ui/playwright/.auth
ui/playwright/.downloads
-ui/test-results/
\ No newline at end of file
+ui/test-results/
diff --git a/README.md b/README.md
index b32278d..64f2912 100644
--- a/README.md
+++ b/README.md
@@ -2,6 +2,7 @@
# Project rAPId
+
@@ -37,9 +38,11 @@ Or you can consult the [Infrastructure Repo](https://github.com/no10ds/rapid/tre
# Developing
This is a quick guide to running rAPId locally for development.
+
## Prerequisites
Install all the required tools
+
- jq (use Homebrew)
- Git
- [pre-commit](https://pre-commit.com)
diff --git a/SECURITY.md b/SECURITY.md
index 24d30da..8438b79 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -11,22 +11,27 @@ Cabinet Office and No10 are advocates of responsible vulnerability disclosure. I
You can report a vulnerability through our vulnerability disclosure programme at [HackerOne](https://hackerone.com/44c348eb-e030-4273-b445-d4a2f6f83ba8/embedded_submissions/new). Alternatively, you can send an email to [disclosure@digital.cabinet-office.gov.uk](mailto:disclosure@digital.cabinet-office.gov.uk); if you do this you may get a response from Zendesk, which is our ticketing system.
When reporting a vulnerability to us, please include:
+
- the website, page or repository where the vulnerability can be observed
- a brief description of the vulnerability
- details of the steps we need to take to reproduce the vulnerability
- non-destructive exploitation details
If you are able to, please also include:
+
- the type of vulnerability, for example, the [OWASP category](https://owasp.org/www-community/vulnerabilities/)
- screenshots or logs showing the exploitation of the vulnerability
[Reach out via email](mailto:disclosure@digital.cabinet-office.gov.uk) if you are not sure if the vulnerability is genuine and exploitable, or you have found:
+
- a non-exploitable vulnerability
- something you think could be improved - for example, missing security headers
- TLS configuration weaknesses - for example weak cipher suite support or the presence of TLS1.0 support
## Guidelines for reporting a vulnerability
+
When you are investigating and reporting the vulnerability on a gov.uk domain or subdomain, you must not:
+
- break the law
- access unnecessary or excessive amounts of data
- modify data
@@ -40,17 +45,18 @@ When you are investigating and reporting the vulnerability on a gov.uk domain or
Only submit reports about exploitable vulnerabilities through HackerOne.
## Bug bounty
+
Unfortunately, Cabinet Office and No10 do not offer a paid bug bounty programme. We will make efforts to show appreciation to people who take the time and effort to disclose vulnerabilities responsibly. We do have [an acknowledgements page for legitimate issues found by researchers](https://vdp.cabinetoffice.gov.uk/thanks.txt).
---
#### Further reading and inspiration about responsible disclosure and `SECURITY.md`
+
-
-
-
-
-
-
[CODE_OF_CONDUCT.md]: https://github.com/alphagov/.github/blob/master/CODE_OF_CONDUCT.md
[OWASP category]: https://www.owasp.org/index.php/Category:OWASP_Top_Ten_2017_Project
diff --git a/api/batect.yml b/api/batect.yml
index da28282..68fd7f0 100644
--- a/api/batect.yml
+++ b/api/batect.yml
@@ -64,19 +64,19 @@ tasks:
ports:
- local: 8000
container: 8000
- command: "uvicorn api.entry:app --host 0.0.0.0 --port 8000 --reload"
+ command: 'uvicorn api.entry:app --host 0.0.0.0 --port 8000 --reload'
test-unit:
description: Run unit tests
run:
container: service-image
- command: "pytest test/api -vv -s"
+ command: 'pytest test/api -vv -s'
test-unit-focus:
description: Run unit tests
run:
container: service-image
- command: "pytest test/api -vv -m focus"
+ command: 'pytest test/api -vv -m focus'
test-e2e:
description: Run E2E tests
@@ -86,7 +86,7 @@ tasks:
AWS_ACCESS_KEY_ID: ${AWS_ACCESS_KEY_ID:-}
AWS_SECRET_ACCESS_KEY: ${AWS_SECRET_ACCESS_KEY:-}
AWS_SESSION_TOKEN: ${AWS_SESSION_TOKEN:-}
- command: "pytest test/e2e -v"
+ command: 'pytest test/e2e -v'
test-e2e-focus:
description: Run E2E tests in focus mode
@@ -96,28 +96,28 @@ tasks:
AWS_ACCESS_KEY_ID: ${AWS_ACCESS_KEY_ID:-}
AWS_SECRET_ACCESS_KEY: ${AWS_SECRET_ACCESS_KEY:-}
AWS_SESSION_TOKEN: ${AWS_SESSION_TOKEN:-}
- command: "pytest test/e2e -v -m focus"
+ command: 'pytest test/e2e -v -m focus'
test-coverage:
description: Run all tests with coverage report for source code only
run:
container: service-image
- command: "pytest --durations=5 --cov=api --cov-report term-missing test/api"
+ command: 'pytest --durations=5 --cov=api --cov-report term-missing test/api'
lint:
description: Lint the source and test code
run:
container: service-image
- command: "flake8 api test"
+ command: 'flake8 api test'
format:
description: Format the source and test code
run:
container: service-image
- command: "black api test"
+ command: 'black api test'
generate_latest_changelog:
description: Parse the changelog file for the release's changes
run:
container: service-image
- command: "python get_latest_release_changelog.py"
+ command: 'python get_latest_release_changelog.py'
diff --git a/api/static/main.css b/api/static/main.css
index bdfd8b6..6883b6e 100644
--- a/api/static/main.css
+++ b/api/static/main.css
@@ -1 +1,427 @@
-:root{--success: #0dc988;--failure: #c90d4e;--neutral: #00aeff;--success-text: #0dc988;--error-text: #c90d4e;--pink: #eb2f64;--light-pink: #FF3366;--dark-pink: #BA265D;--light-grey-pink: #f1e4ef;--light-grey-1: #faf9f9;--light-grey-2: #f4f2f2;--light-grey-3: #f0eeee;--light-grey-4: #ccc;--dark-grey-1: #333;--dark-grey-2: #777;--dark-grey-3: #999;--dark-shadow: 0 1rem 1rem rgba(0,0,0,.3);--light-shadow: 0 1rem 1rem rgba(0,0,0,.1);--grey-border-bottom-1: 1px solid var(--light-grey-2)}*,*::before,*::after{margin:0;padding:0;box-sizing:inherit}html{box-sizing:border-box;font-size:62.5%}body{font-family:'Open Sans', sans-serif;font-weight:400;line-height:1.6;color:var(--dark-grey-2);background-image:linear-gradient(to right bottom, var(--light-pink), var(--dark-pink));background-size:cover;background-repeat:no-repeat;min-height:100vh}.content{display:grid;grid-template-rows:[header-start] 20vh [header-end content-start] 30vh min-content [content-end footer-start] 10vh [footer-end];grid-template-columns:[full-start] minmax(6rem, 1fr) [center-start] repeat(8, [col-start] minmax(min-content, 14rem) [col-end]) [center-end] minmax(6rem, 1fr) [full-end]}.content_body{font-size:1.6rem;border-radius:1rem;grid-row-start:content-start;grid-row-end:content-end;grid-column-start:center-start;grid-column-end:center-end;display:grid;background-color:var(--light-grey-1);text-align:center;grid-template-rows:minmax(5rem, 1fr) minmax(5rem, 0.5fr)}.content_body--small{grid-template-rows:min-content minmax(min-content, 1fr)}.content-menu{align-content:space-around;display:grid;grid-template-rows:repeat(2, minmax(min-content, 2rem))}.content_header{padding:3rem;align-self:start}.form{font-size:1.6rem;border-radius:1rem;grid-row-start:content-start;grid-row-end:content-end;grid-column-start:center-start;grid-column-end:center-end;display:grid;background-color:var(--light-grey-1);text-align:center;grid-template-rows:minmax(10rem, 1fr) minmax(5rem, min-content);grid-row-gap:2rem}.form_body:not([hidden]){display:grid;grid-template-rows:repeat(2, minmax(5rem, 1fr));grid-row-gap:2rem}.form_body--headed:not([hidden]){grid-template-rows:auto}.form_submit:not([hidden]){display:grid;text-align:center;justify-items:center;align-items:center;grid-template-rows:minmax(2rem, min-content) minmax(3rem, 1fr) minmax(2rem, min-content);grid-row-gap:.6rem;margin:2rem 0}.form--logout{display:grid;grid-column-start:8;grid-column-end:center-end;justify-items:end;align-items:center}.form_helper-text{font-size:1.3rem;padding-bottom:.6rem}.form-select:not([hidden]){display:grid;justify-items:center;align-items:center}.form-select_dropdown{border-radius:.5rem;padding:.5rem;width:50%;box-shadow:var(--light-shadow);align-self:start;cursor:pointer}.form-select_dropdown_table{background-color:var(--light-grey-1);border:none;text-align-last:left;color:var(--dark-grey-2)}.form-checkbox:not([hidden]),.form-radio:not([hidden]){display:grid;grid-template-columns:repeat(auto-fit, minmax(min-content, 50%));grid-template-rows:auto;justify-content:space-around;align-content:center;grid-row-gap:1rem}.form-checkbox_input,.form-radio_input{display:grid;grid-template-columns:repeat(2, min-content);grid-column-gap:.5rem;justify-content:center}.form-checkbox_input label,.form-checkbox_input input,.form-radio_input label,.form-radio_input input{cursor:pointer}.form-checkbox_input label,.form-radio_input label{line-height:100%;padding:.2rem 0}.form-checkbox_legend,.form-radio_legend{padding:0 .5rem .5rem;font-weight:600}.form-input:not([hidden]){display:grid;align-items:start;justify-items:center}.form-input_label:hover{cursor:pointer}.form-input_error{color:var(--error-text)}.form-input_file{display:none}.form-input_text{min-width:40%;border-style:solid;border-color:var(--dark-grey-3);box-shadow:var(--light-shadow);border-radius:.5rem;font-size:1.8rem;text-align:center;padding:.8rem}.form-input_text--row{width:60%}.form-input_legend{padding:0 .5rem .5rem;font-weight:600}.form-input_text::placeholder{color:var(--light-grey-4);font-style:italic}.form-input--row:not([hidden]){display:flex;text-align:start;align-items:center;justify-content:space-between;width:80%;margin:1.5rem auto}.form-input_input_text{border-radius:.5rem;padding:.5rem;width:50%;align-self:start;cursor:pointer;background-color:var(--light-grey-1);border:1px solid var(--dark-grey-2)}.key-value-input:not([hidden]){display:grid;width:40%;grid-row-gap:5px}.key-value-input--row{display:grid;grid-template-columns:1fr 1fr 20px;grid-column-gap:10px}.key-input:not([hidden]){display:grid;width:40%;grid-row-gap:5px}.key-input--row{display:grid;grid-template-columns:1fr 20px;grid-column-gap:10px}.login{display:grid;justify-items:center;align-items:start}a.btn{text-decoration:none}a.btn--back{grid-row-start:header-start;grid-row-end:header-end;grid-column-start:center-start;grid-column-end:col-start;font-size:1.4rem;color:var(--light-grey-1);align-self:center}a.btn--discreet{color:var(--dark-grey-2)}a.link{color:var(--pink)}a.link:focus,a.link :active,a.link :hover{color:var(--dark-pink)}input.invalid{border-color:var(--error-text)}fieldset{border-color:var(--light-grey-4);margin:0 auto;border-width:0;border-top-width:2px;width:70%;padding-bottom:1rem}ul{padding:0 2rem}ul>li{text-align:left;max-width:80%;margin:0 auto}ul>li.clean{list-style:none}ul>li.center{text-align:center}.highlight{color:var(--pink)}.bold{font-weight:bold}.btn-set{padding-bottom:3rem;display:grid;grid-template-rows:repeat(2, min-content);grid-row-gap:1.5rem;justify-items:center}.btn{font-size:1.6rem;font-weight:600;border-radius:.8rem;border-style:none;padding:.6rem 0;width:80%;background-color:var(--light-pink);color:var(--light-grey-1);box-shadow:var(--light-shadow)}.btn:disabled{pointer-events:none;background-color:var(--dark-grey-2)}.btn:hover{background-color:var(--dark-pink);color:var(--light-grey-1);box-shadow:var(--dark-shadow);cursor:pointer}.btn:active{transform:translateY(0.2rem);background-color:var(--light-grey-4);color:var(--light-pink);box-shadow:var(--dark-shadow);cursor:pointer}.btn--secondary{background-color:var(--light-grey-1);color:var(--pink);border-style:solid;border-color:var(--pink);padding:.6rem 1rem;width:20%;min-width:min-content}.btn--secondary:hover,.btn--secondary:active{background-color:var(--light-grey-2);color:var(--dark-pink);border-color:var(--dark-pink)}.btn--medium{width:60%}.response-msg{align-self:start;padding:0 1rem 1rem}.response-msg--error{color:var(--error-text)}.response-msg--success{color:var(--success-text)}.status-icon{width:4.5rem;height:4.5rem}.rotating{animation:spin 2s linear infinite}@keyframes spin{from{transform:rotate(0deg)}to{transform:rotate(360deg)}}.info-table{margin-left:auto;margin-right:auto;min-width:60%;max-width:90%;border-collapse:collapse}.info-table tr{border:1px solid var(--light-grey-4)}.info-table tr :first-child{text-align:left}.info-table tr :last-child{text-align:right}.info-table td,.info-table th{padding:.25rem 1rem}.info-table td img,.info-table th img{display:block;margin:0 auto}.info-table_status-icon{max-height:3.25rem;aspect-ratio:1}.info-table--left{text-align:left}.loading-spinner{display:none;width:50px;height:50px;border:5px solid var(--light-grey-pink);border-radius:50%;border-top-color:var(--pink);animation:spin 1s ease-in-out infinite;text-align:center}@keyframes spin{to{-webkit-transform:rotate(360deg)}}
+:root {
+ --success: #0dc988;
+ --failure: #c90d4e;
+ --neutral: #00aeff;
+ --success-text: #0dc988;
+ --error-text: #c90d4e;
+ --pink: #eb2f64;
+ --light-pink: #ff3366;
+ --dark-pink: #ba265d;
+ --light-grey-pink: #f1e4ef;
+ --light-grey-1: #faf9f9;
+ --light-grey-2: #f4f2f2;
+ --light-grey-3: #f0eeee;
+ --light-grey-4: #ccc;
+ --dark-grey-1: #333;
+ --dark-grey-2: #777;
+ --dark-grey-3: #999;
+ --dark-shadow: 0 1rem 1rem rgba(0, 0, 0, 0.3);
+ --light-shadow: 0 1rem 1rem rgba(0, 0, 0, 0.1);
+ --grey-border-bottom-1: 1px solid var(--light-grey-2);
+}
+*,
+*::before,
+*::after {
+ margin: 0;
+ padding: 0;
+ box-sizing: inherit;
+}
+html {
+ box-sizing: border-box;
+ font-size: 62.5%;
+}
+body {
+ font-family: 'Open Sans', sans-serif;
+ font-weight: 400;
+ line-height: 1.6;
+ color: var(--dark-grey-2);
+ background-image: linear-gradient(to right bottom, var(--light-pink), var(--dark-pink));
+ background-size: cover;
+ background-repeat: no-repeat;
+ min-height: 100vh;
+}
+.content {
+ display: grid;
+ grid-template-rows: [header-start] 20vh [header-end content-start] 30vh min-content [content-end footer-start] 10vh [footer-end];
+ grid-template-columns:
+ [full-start] minmax(6rem, 1fr) [center-start] repeat(
+ 8,
+ [col-start] minmax(min-content, 14rem) [col-end]
+ )
+ [center-end] minmax(6rem, 1fr) [full-end];
+}
+.content_body {
+ font-size: 1.6rem;
+ border-radius: 1rem;
+ grid-row-start: content-start;
+ grid-row-end: content-end;
+ grid-column-start: center-start;
+ grid-column-end: center-end;
+ display: grid;
+ background-color: var(--light-grey-1);
+ text-align: center;
+ grid-template-rows: minmax(5rem, 1fr) minmax(5rem, 0.5fr);
+}
+.content_body--small {
+ grid-template-rows: min-content minmax(min-content, 1fr);
+}
+.content-menu {
+ align-content: space-around;
+ display: grid;
+ grid-template-rows: repeat(2, minmax(min-content, 2rem));
+}
+.content_header {
+ padding: 3rem;
+ align-self: start;
+}
+.form {
+ font-size: 1.6rem;
+ border-radius: 1rem;
+ grid-row-start: content-start;
+ grid-row-end: content-end;
+ grid-column-start: center-start;
+ grid-column-end: center-end;
+ display: grid;
+ background-color: var(--light-grey-1);
+ text-align: center;
+ grid-template-rows: minmax(10rem, 1fr) minmax(5rem, min-content);
+ grid-row-gap: 2rem;
+}
+.form_body:not([hidden]) {
+ display: grid;
+ grid-template-rows: repeat(2, minmax(5rem, 1fr));
+ grid-row-gap: 2rem;
+}
+.form_body--headed:not([hidden]) {
+ grid-template-rows: auto;
+}
+.form_submit:not([hidden]) {
+ display: grid;
+ text-align: center;
+ justify-items: center;
+ align-items: center;
+ grid-template-rows: minmax(2rem, min-content) minmax(3rem, 1fr) minmax(
+ 2rem,
+ min-content
+ );
+ grid-row-gap: 0.6rem;
+ margin: 2rem 0;
+}
+.form--logout {
+ display: grid;
+ grid-column-start: 8;
+ grid-column-end: center-end;
+ justify-items: end;
+ align-items: center;
+}
+.form_helper-text {
+ font-size: 1.3rem;
+ padding-bottom: 0.6rem;
+}
+.form-select:not([hidden]) {
+ display: grid;
+ justify-items: center;
+ align-items: center;
+}
+.form-select_dropdown {
+ border-radius: 0.5rem;
+ padding: 0.5rem;
+ width: 50%;
+ box-shadow: var(--light-shadow);
+ align-self: start;
+ cursor: pointer;
+}
+.form-select_dropdown_table {
+ background-color: var(--light-grey-1);
+ border: none;
+ text-align-last: left;
+ color: var(--dark-grey-2);
+}
+.form-checkbox:not([hidden]),
+.form-radio:not([hidden]) {
+ display: grid;
+ grid-template-columns: repeat(auto-fit, minmax(min-content, 50%));
+ grid-template-rows: auto;
+ justify-content: space-around;
+ align-content: center;
+ grid-row-gap: 1rem;
+}
+.form-checkbox_input,
+.form-radio_input {
+ display: grid;
+ grid-template-columns: repeat(2, min-content);
+ grid-column-gap: 0.5rem;
+ justify-content: center;
+}
+.form-checkbox_input label,
+.form-checkbox_input input,
+.form-radio_input label,
+.form-radio_input input {
+ cursor: pointer;
+}
+.form-checkbox_input label,
+.form-radio_input label {
+ line-height: 100%;
+ padding: 0.2rem 0;
+}
+.form-checkbox_legend,
+.form-radio_legend {
+ padding: 0 0.5rem 0.5rem;
+ font-weight: 600;
+}
+.form-input:not([hidden]) {
+ display: grid;
+ align-items: start;
+ justify-items: center;
+}
+.form-input_label:hover {
+ cursor: pointer;
+}
+.form-input_error {
+ color: var(--error-text);
+}
+.form-input_file {
+ display: none;
+}
+.form-input_text {
+ min-width: 40%;
+ border-style: solid;
+ border-color: var(--dark-grey-3);
+ box-shadow: var(--light-shadow);
+ border-radius: 0.5rem;
+ font-size: 1.8rem;
+ text-align: center;
+ padding: 0.8rem;
+}
+.form-input_text--row {
+ width: 60%;
+}
+.form-input_legend {
+ padding: 0 0.5rem 0.5rem;
+ font-weight: 600;
+}
+.form-input_text::placeholder {
+ color: var(--light-grey-4);
+ font-style: italic;
+}
+.form-input--row:not([hidden]) {
+ display: flex;
+ text-align: start;
+ align-items: center;
+ justify-content: space-between;
+ width: 80%;
+ margin: 1.5rem auto;
+}
+.form-input_input_text {
+ border-radius: 0.5rem;
+ padding: 0.5rem;
+ width: 50%;
+ align-self: start;
+ cursor: pointer;
+ background-color: var(--light-grey-1);
+ border: 1px solid var(--dark-grey-2);
+}
+.key-value-input:not([hidden]) {
+ display: grid;
+ width: 40%;
+ grid-row-gap: 5px;
+}
+.key-value-input--row {
+ display: grid;
+ grid-template-columns: 1fr 1fr 20px;
+ grid-column-gap: 10px;
+}
+.key-input:not([hidden]) {
+ display: grid;
+ width: 40%;
+ grid-row-gap: 5px;
+}
+.key-input--row {
+ display: grid;
+ grid-template-columns: 1fr 20px;
+ grid-column-gap: 10px;
+}
+.login {
+ display: grid;
+ justify-items: center;
+ align-items: start;
+}
+a.btn {
+ text-decoration: none;
+}
+a.btn--back {
+ grid-row-start: header-start;
+ grid-row-end: header-end;
+ grid-column-start: center-start;
+ grid-column-end: col-start;
+ font-size: 1.4rem;
+ color: var(--light-grey-1);
+ align-self: center;
+}
+a.btn--discreet {
+ color: var(--dark-grey-2);
+}
+a.link {
+ color: var(--pink);
+}
+a.link:focus,
+a.link :active,
+a.link :hover {
+ color: var(--dark-pink);
+}
+input.invalid {
+ border-color: var(--error-text);
+}
+fieldset {
+ border-color: var(--light-grey-4);
+ margin: 0 auto;
+ border-width: 0;
+ border-top-width: 2px;
+ width: 70%;
+ padding-bottom: 1rem;
+}
+ul {
+ padding: 0 2rem;
+}
+ul > li {
+ text-align: left;
+ max-width: 80%;
+ margin: 0 auto;
+}
+ul > li.clean {
+ list-style: none;
+}
+ul > li.center {
+ text-align: center;
+}
+.highlight {
+ color: var(--pink);
+}
+.bold {
+ font-weight: bold;
+}
+.btn-set {
+ padding-bottom: 3rem;
+ display: grid;
+ grid-template-rows: repeat(2, min-content);
+ grid-row-gap: 1.5rem;
+ justify-items: center;
+}
+.btn {
+ font-size: 1.6rem;
+ font-weight: 600;
+ border-radius: 0.8rem;
+ border-style: none;
+ padding: 0.6rem 0;
+ width: 80%;
+ background-color: var(--light-pink);
+ color: var(--light-grey-1);
+ box-shadow: var(--light-shadow);
+}
+.btn:disabled {
+ pointer-events: none;
+ background-color: var(--dark-grey-2);
+}
+.btn:hover {
+ background-color: var(--dark-pink);
+ color: var(--light-grey-1);
+ box-shadow: var(--dark-shadow);
+ cursor: pointer;
+}
+.btn:active {
+ transform: translateY(0.2rem);
+ background-color: var(--light-grey-4);
+ color: var(--light-pink);
+ box-shadow: var(--dark-shadow);
+ cursor: pointer;
+}
+.btn--secondary {
+ background-color: var(--light-grey-1);
+ color: var(--pink);
+ border-style: solid;
+ border-color: var(--pink);
+ padding: 0.6rem 1rem;
+ width: 20%;
+ min-width: min-content;
+}
+.btn--secondary:hover,
+.btn--secondary:active {
+ background-color: var(--light-grey-2);
+ color: var(--dark-pink);
+ border-color: var(--dark-pink);
+}
+.btn--medium {
+ width: 60%;
+}
+.response-msg {
+ align-self: start;
+ padding: 0 1rem 1rem;
+}
+.response-msg--error {
+ color: var(--error-text);
+}
+.response-msg--success {
+ color: var(--success-text);
+}
+.status-icon {
+ width: 4.5rem;
+ height: 4.5rem;
+}
+.rotating {
+ animation: spin 2s linear infinite;
+}
+@keyframes spin {
+ from {
+ transform: rotate(0deg);
+ }
+ to {
+ transform: rotate(360deg);
+ }
+}
+.info-table {
+ margin-left: auto;
+ margin-right: auto;
+ min-width: 60%;
+ max-width: 90%;
+ border-collapse: collapse;
+}
+.info-table tr {
+ border: 1px solid var(--light-grey-4);
+}
+.info-table tr :first-child {
+ text-align: left;
+}
+.info-table tr :last-child {
+ text-align: right;
+}
+.info-table td,
+.info-table th {
+ padding: 0.25rem 1rem;
+}
+.info-table td img,
+.info-table th img {
+ display: block;
+ margin: 0 auto;
+}
+.info-table_status-icon {
+ max-height: 3.25rem;
+ aspect-ratio: 1;
+}
+.info-table--left {
+ text-align: left;
+}
+.loading-spinner {
+ display: none;
+ width: 50px;
+ height: 50px;
+ border: 5px solid var(--light-grey-pink);
+ border-radius: 50%;
+ border-top-color: var(--pink);
+ animation: spin 1s ease-in-out infinite;
+ text-align: center;
+}
+@keyframes spin {
+ to {
+ -webkit-transform: rotate(360deg);
+ }
+}
diff --git a/api/test/e2e/README.md b/api/test/e2e/README.md
index cf30d25..db4d54f 100644
--- a/api/test/e2e/README.md
+++ b/api/test/e2e/README.md
@@ -9,7 +9,7 @@ performed that require the relevant resources to be available in AWS (files in S
Run [this](./setup_e2e_tests.py) script, passing in values for the environment variables listed below.
-``` bash
+```bash
CLIENT_ID
CLIENT_SECRET
BASE_URL
diff --git a/api/test/e2e/test_files/schemas/test_e2e_protected-do_not_delete.json b/api/test/e2e/test_files/schemas/test_e2e_protected-do_not_delete.json
index c67347c..eacc553 100644
--- a/api/test/e2e/test_files/schemas/test_e2e_protected-do_not_delete.json
+++ b/api/test/e2e/test_files/schemas/test_e2e_protected-do_not_delete.json
@@ -1,62 +1,62 @@
{
- "metadata": {
- "layer": "default",
- "domain": "test_e2e_protected",
- "dataset": "do_not_delete",
- "sensitivity": "PROTECTED",
- "description": "A test dataset",
- "key_value_tags": {},
- "key_only_tags": [],
- "owners": [
- {
- "name": "test_e2e_protected",
- "email": "test_e2e_protected@email.com"
- }
- ],
- "update_behaviour": "OVERWRITE"
+ "metadata": {
+ "layer": "default",
+ "domain": "test_e2e_protected",
+ "dataset": "do_not_delete",
+ "sensitivity": "PROTECTED",
+ "description": "A test dataset",
+ "key_value_tags": {},
+ "key_only_tags": [],
+ "owners": [
+ {
+ "name": "test_e2e_protected",
+ "email": "test_e2e_protected@email.com"
+ }
+ ],
+ "update_behaviour": "OVERWRITE"
+ },
+ "columns": [
+ {
+ "name": "year",
+ "partition_index": null,
+ "data_type": "int",
+ "allow_null": true,
+ "format": null
},
- "columns": [
- {
- "name": "year",
- "partition_index": null,
- "data_type": "int",
- "allow_null": true,
- "format": null
- },
- {
- "name": "month",
- "partition_index": null,
- "data_type": "int",
- "allow_null": true,
- "format": null
- },
- {
- "name": "destination",
- "partition_index": null,
- "data_type": "string",
- "allow_null": true,
- "format": null
- },
- {
- "name": "arrival",
- "partition_index": null,
- "data_type": "string",
- "allow_null": true,
- "format": null
- },
- {
- "name": "type",
- "partition_index": null,
- "data_type": "string",
- "allow_null": true,
- "format": null
- },
- {
- "name": "status",
- "partition_index": null,
- "data_type": "string",
- "allow_null": true,
- "format": null
- }
- ]
+ {
+ "name": "month",
+ "partition_index": null,
+ "data_type": "int",
+ "allow_null": true,
+ "format": null
+ },
+ {
+ "name": "destination",
+ "partition_index": null,
+ "data_type": "string",
+ "allow_null": true,
+ "format": null
+ },
+ {
+ "name": "arrival",
+ "partition_index": null,
+ "data_type": "string",
+ "allow_null": true,
+ "format": null
+ },
+ {
+ "name": "type",
+ "partition_index": null,
+ "data_type": "string",
+ "allow_null": true,
+ "format": null
+ },
+ {
+ "name": "status",
+ "partition_index": null,
+ "data_type": "string",
+ "allow_null": true,
+ "format": null
+ }
+ ]
}
diff --git a/docs/api/routes/client.md b/docs/api/routes/client.md
index 4096438..88cbf39 100644
--- a/docs/api/routes/client.md
+++ b/docs/api/routes/client.md
@@ -12,17 +12,14 @@ As a maintainer of a rAPId you can create new clients to interact with the API t
### Inputs
-| Parameters | Usage | Example values | Definition |
-|------------------|---------------------|------------------|---------------------------------------------------------------------------|
-| `client details` | JSON Request Body | See below | The name of the client application to onboard and the granted permissions |
+| Parameters | Usage | Example values | Definition |
+| ---------------- | ----------------- | -------------- | ------------------------------------------------------------------------- |
+| `client details` | JSON Request Body | See below | The name of the client application to onboard and the granted permissions |
```json
{
- "client_name": "department_for_education",
- "permissions": [
- "READ_ALL",
- "WRITE_PUBLIC"
- ]
+ "client_name": "department_for_education",
+ "permissions": ["READ_ALL", "WRITE_PUBLIC"]
}
```
@@ -42,10 +39,7 @@ Once the new client has been created, the following information is returned in t
```json
{
"client_name": "department_for_education",
- "permissions": [
- "READ_ALL",
- "WRITE_PUBLIC"
- ],
+ "permissions": ["READ_ALL", "WRITE_PUBLIC"],
"client_id": "1234567890-abcdefghijk",
"client_secret": "987654321"
}
diff --git a/docs/api/routes/dataset.md b/docs/api/routes/dataset.md
index f1c157d..089919a 100644
--- a/docs/api/routes/dataset.md
+++ b/docs/api/routes/dataset.md
@@ -15,7 +15,7 @@ You will need a relevant `WRITE` permission that matches the dataset senstivity
### Inputs
| Parameters | Required | Usage | Example values | Definition |
-|------------|----------|-----------------------------------------|-----------------------------|-------------------------|
+| ---------- | -------- | --------------------------------------- | --------------------------- | ----------------------- |
| `layer` | True | URL parameter | `default` | layer of the dataset |
| `domain` | True | URL parameter | `air` | domain of the dataset |
| `dataset` | True | URL parameter | `passengers_by_airport` | dataset title |
@@ -52,11 +52,11 @@ Use this endpoint to delete all the contents linked to a layer/domain/dataset. I
### Inputs
-| Parameters | Required | Usage | Example values | Definition |
-|------------|----------|---------------|---------------------------------|-------------------------------|
-| `layer` | True | URL parameter | `raw` | layer of the dataset |
-| `domain` | True | URL parameter | `land` | domain of the dataset |
-| `dataset` | True | URL parameter | `train_journeys` | dataset title |
+| Parameters | Required | Usage | Example values | Definition |
+| ---------- | -------- | ------------- | ---------------- | --------------------- |
+| `layer` | True | URL parameter | `raw` | layer of the dataset |
+| `domain` | True | URL parameter | `land` | domain of the dataset |
+| `dataset` | True | URL parameter | `train_journeys` | dataset title |
### Outputs
@@ -64,7 +64,7 @@ If successful returns the dataset has been deleted
```json
{
- "details": "{dataset} has been deleted."
+ "details": "{dataset} has been deleted."
}
```
@@ -86,7 +86,7 @@ You will need a relevant `WRITE` permission that matches the dataset senstivity
### Inputs
| Parameters | Required | Usage | Example values | Definition |
-|------------|----------|---------------|---------------------------------|-------------------------------|
+| ---------- | -------- | ------------- | ------------------------------- | ----------------------------- |
| `layer` | True | URL parameter | `raw` | layer of the dataset |
| `domain` | True | URL parameter | `land` | domain of the dataset |
| `dataset` | True | URL parameter | `train_journeys` | dataset title |
@@ -99,7 +99,7 @@ If successful returns the file has been deleted
```json
{
- "details": "{filename} has been deleted."
+ "details": "{filename} has been deleted."
}
```
@@ -112,7 +112,6 @@ If you do not specify any filter values, you will retrieve all available dataset
You can optionally enrich the information returned, this will include values like `Last Updated Time`, `Description` and `Tags`.
-
### Required Permissions
None
@@ -123,11 +122,10 @@ None
### Inputs
-| Parameters | Required| Usage | Example values | Definition |
-|---------------|---------|-----------------------------------------|------------------------------------------------------------------------------------------------------- |-----------------------|
-| enriched | False | Boolean Query parameter | True | enriches the metadata |
-| query | False | JSON Request Body | Consult the [docs](https://github.com/no10ds/rapid-api/blob/main/docs/guides/usage/usage.md#examples-2)| the filtering query |
-
+| Parameters | Required | Usage | Example values | Definition |
+| ---------- | -------- | ----------------------- | ------------------------------------------------------------------------------------------------------- | --------------------- |
+| enriched | False | Boolean Query parameter | True | enriches the metadata |
+| query | False | JSON Request Body | Consult the [docs](https://github.com/no10ds/rapid-api/blob/main/docs/guides/usage/usage.md#examples-2) | the filtering query |
### Outputs
@@ -181,22 +179,19 @@ None
### Inputs
-| Parameters | Required | Usage | Example values | Definition |
-|---------------|-----------|-----------------------------------------|------------------------------|-----------------------|
-| `layer` | True | URL parameter | `raw` | layer of the dataset |
-| `domain` | True | URL parameter | `land` | domain of the dataset |
-| `dataset` | True | URL parameter | `train_journeys` | dataset title |
-| `version` | True | URL parameter | `3` | dataset version |
+| Parameters | Required | Usage | Example values | Definition |
+| ---------- | -------- | ------------- | ---------------- | --------------------- |
+| `layer` | True | URL parameter | `raw` | layer of the dataset |
+| `domain` | True | URL parameter | `land` | domain of the dataset |
+| `dataset` | True | URL parameter | `train_journeys` | dataset title |
+| `version` | True | URL parameter | `3` | dataset version |
### Outputs
List of raw files in json format, e.g.:
```json
-[
- "2022-01-21T17:12:31-file1.csv",
- "2022-01-24T11:43:28-file2.csv"
-]
+["2022-01-21T17:12:31-file1.csv", "2022-01-24T11:43:28-file2.csv"]
```
## Query
@@ -213,14 +208,13 @@ You will need `READ` permission appropriate to the dataset sensitivity level, e.
### Inputs
-| Parameters | Required | Usage | Example values | Definition |
-|---------------|--------------|-------------------------|-----------------------------------------------------------------------------------------------------------------------------|-------------------------------|
-| `layer` | True | URL parameter | `raw` | layer of the dataset |
-| `domain` | True | URL parameter | `space` | domain of the dataset |
-| `dataset` | True | URL parameter | `rocket_launches` | dataset title |
-| `version` | False | Query parameter | '3' | dataset version |
-| `query` | False | JSON Request Body | Consult the [docs](https://github.com/no10ds/rapid-api/blob/main/docs/guides/usage/usage.md#how-to-construct-a-query-object)| the query object |
-
+| Parameters | Required | Usage | Example values | Definition |
+| ---------- | -------- | ----------------- | ---------------------------------------------------------------------------------------------------------------------------- | --------------------- |
+| `layer` | True | URL parameter | `raw` | layer of the dataset |
+| `domain` | True | URL parameter | `space` | domain of the dataset |
+| `dataset` | True | URL parameter | `rocket_launches` | dataset title |
+| `version` | False | Query parameter | '3' | dataset version |
+| `query` | False | JSON Request Body | Consult the [docs](https://github.com/no10ds/rapid-api/blob/main/docs/guides/usage/usage.md#how-to-construct-a-query-object) | the query object |
### Outputs
@@ -264,14 +258,13 @@ You will need a `READ` permission appropriate to the dataset sensitivity level,
### Inputs
-| Parameters | Required | Usage | Example values | Definition |
-|---------------|--------------|-------------------------|-----------------------------------------------------------------------------------------------------------------------------|-------------------------------|
-| `layer` | True | URL parameter | `raw` | layer of the dataset |
-| `domain` | True | URL parameter | `space` | domain of the dataset |
-| `dataset` | True | URL parameter | `rocket_launches` | dataset title |
-| `version` | False | Query parameter | '3' | dataset version |
-| `query` | False | JSON Request Body | Consult the [docs](https://github.com/no10ds/rapid-api/blob/main/docs/guides/usage/usage.md#how-to-construct-a-query-object)| the query object |
-
+| Parameters | Required | Usage | Example values | Definition |
+| ---------- | -------- | ----------------- | ---------------------------------------------------------------------------------------------------------------------------- | --------------------- |
+| `layer` | True | URL parameter | `raw` | layer of the dataset |
+| `domain` | True | URL parameter | `space` | domain of the dataset |
+| `dataset` | True | URL parameter | `rocket_launches` | dataset title |
+| `version` | False | Query parameter | '3' | dataset version |
+| `query` | False | JSON Request Body | Consult the [docs](https://github.com/no10ds/rapid-api/blob/main/docs/guides/usage/usage.md#how-to-construct-a-query-object) | the query object |
### Outputs
@@ -281,10 +274,7 @@ Asynchronous Job ID that can be used to track the progress of the query. Once th
Use this endpoint to retrieve basic information for specific datasets, if there is no data stored for the dataset and error will be thrown.
-When a valid dataset is retrieved the available data will be the schema definition with some extra values such as:
- - number of rows
- - number of columns
- - statistics data for date columns
+When a valid dataset is retrieved the available data will be the schema definition with some extra values such as: - number of rows - number of columns - statistics data for date columns
### Required Permissions
@@ -296,12 +286,12 @@ You will need any `READ` permission, e.g.: `READ_ALL`, `READ_PUBLIC`, `READ_PRIV
### Inputs
-| Parameters | Required | Usage | Example values | Definition |
-|------------|----------|-------------------|------------------|-----------------------|
-| `layer` | True | URL parameter | `raw` | layer of the dataset |
-| `domain` | True | URL parameter | `land` | domain of the dataset |
-| `dataset` | True | URL parameter | `train_journeys` | dataset title |
-| `version` | False | Query parameter | `3` | dataset version |
+| Parameters | Required | Usage | Example values | Definition |
+| ---------- | -------- | --------------- | ---------------- | --------------------- |
+| `layer` | True | URL parameter | `raw` | layer of the dataset |
+| `domain` | True | URL parameter | `land` | domain of the dataset |
+| `dataset` | True | URL parameter | `train_journeys` | dataset title |
+| `version` | False | Query parameter | `3` | dataset version |
### Outputs
diff --git a/docs/api/routes/permissions.md b/docs/api/routes/permissions.md
index aa195ce..3c106ea 100644
--- a/docs/api/routes/permissions.md
+++ b/docs/api/routes/permissions.md
@@ -15,13 +15,7 @@ Use this endpoint to list all available permissions that can be granted to users
List of permissions:
```json
-[
- "DATA_ADMIN",
- "USER_ADMIN",
- "WRITE_ALL",
- "READ_PROTECTED_",
- "..."
-]
+["DATA_ADMIN", "USER_ADMIN", "WRITE_ALL", "READ_PROTECTED_", "..."]
```
## List Subject Permissions
@@ -41,11 +35,5 @@ Use this endpoint to list all permissions that are assigned to a subject.
List of permissions:
```json
-[
- "DATA_ADMIN",
- "USER_ADMIN",
- "WRITE_ALL",
- "READ_PROTECTED_",
- "..."
-]
+["DATA_ADMIN", "USER_ADMIN", "WRITE_ALL", "READ_PROTECTED_", "..."]
```
diff --git a/docs/api/routes/protected_domain.md b/docs/api/routes/protected_domain.md
index fb308ed..9d12b9c 100644
--- a/docs/api/routes/protected_domain.md
+++ b/docs/api/routes/protected_domain.md
@@ -12,9 +12,9 @@ Protected domains can be created to restrict access permissions to specific doma
### Inputs
-| Parameters | Usage | Example values | Definition |
-|------------------|---------------------|------------------|----------------------------------|
-| `domain` | URL Parameter | `land` | The name of the protected domain |
+| Parameters | Usage | Example values | Definition |
+| ---------- | ------------- | -------------- | -------------------------------- |
+| `domain` | URL Parameter | `land` | The name of the protected domain |
## List
@@ -33,8 +33,5 @@ Use this endpoint to list the protected domains that currently exist.
List of protected permissions in json format in the response body:
```json
-[
- "land",
- "department"
-]
+["land", "department"]
```
diff --git a/docs/api/routes/schema.md b/docs/api/routes/schema.md
index a4b7b2d..0e3b5d4 100644
--- a/docs/api/routes/schema.md
+++ b/docs/api/routes/schema.md
@@ -4,7 +4,6 @@ In order to upload the dataset for the first time, you need to define its schema
> The first 50MB of the uploaded file (regardless of size) are used to infer the schema. Consider uploading a representative sample of your dataset (e.g.: the first 10,000 rows) instead of uploading the entire large file which could take a long time
-
### Permissions
Any
@@ -13,11 +12,10 @@ Any
`POST /schema/{sensitivity}/{domain}/{dataset}/generate`
-
### Inputs
| Parameters | Usage | Example values | Definition |
-|---------------|-----------------------------------------|------------------------------|----------------------------|
+| ------------- | --------------------------------------- | ---------------------------- | -------------------------- |
| `layer` | URL parameter | `default` | layer of the dataset |
| `sensitivity` | URL parameter | `PUBLIC, PRIVATE, PROTECTED` | sensitivity of the dataset |
| `domain` | URL parameter | `land` | domain of the dataset |
@@ -77,9 +75,9 @@ When you have a schema definition you can use this endpoint to upload it. This w
### Inputs
-| Parameters | Usage | Example values | Definition |
-|---------------|-----------------------------------------|------------------------------|-----------------------|
-| schema | JSON request body | see below | the schema definition |
+| Parameters | Usage | Example values | Definition |
+| ---------- | ----------------- | -------------- | --------------------- |
+| schema | JSON request body | see below | the schema definition |
Example schema JSON body:
@@ -93,9 +91,7 @@ Example schema JSON body:
"key_value_tags": {
"train": "passenger"
},
- "key_only_tags": [
- "land"
- ],
+ "key_only_tags": ["land"],
"owners": [
{
"name": "Stanley Shunpike",
@@ -141,7 +137,7 @@ Any relevant `WRITE` permissions that matches dataset sensitivity level, e.g. `W
### Inputs
| Parameters | Required | Usage | Example values | Definition |
-|------------|----------|-----------------------------------------|-----------------------------|-------------------------|
+| ---------- | -------- | --------------------------------------- | --------------------------- | ----------------------- |
| `layer` | True | URL parameter | `default` | layer of the dataset |
| `domain` | True | URL parameter | `air` | domain of the dataset |
| `dataset` | True | URL parameter | `passengers_by_airport` | dataset title |
diff --git a/docs/api/routes/subject.md b/docs/api/routes/subject.md
index 298dd3f..d1dea54 100644
--- a/docs/api/routes/subject.md
+++ b/docs/api/routes/subject.md
@@ -43,17 +43,14 @@ Use this endpoint to modify the permissions that are granted to users and client
### Inputs
-| Parameters | Usage | Example values | Definition |
-|-----------------------|---------------------|------------------|----------------------------------------|
-| `Subject Permissions` | JSON Request Body | See below | The details used to modify permissions |
+| Parameters | Usage | Example values | Definition |
+| --------------------- | ----------------- | -------------- | -------------------------------------- |
+| `Subject Permissions` | JSON Request Body | See below | The details used to modify permissions |
```json
{
"subject_id": "123456789",
- "permissions": [
- "READ_ALL",
- "WRITE_PUBLIC"
- ]
+ "permissions": ["READ_ALL", "WRITE_PUBLIC"]
}
```
@@ -64,9 +61,6 @@ Confirmation of permissions:
```json
{
"subject_id": "123456789",
- "permissions": [
- "READ_ALL",
- "WRITE_PUBLIC"
- ]
+ "permissions": ["READ_ALL", "WRITE_PUBLIC"]
}
```
diff --git a/docs/api/routes/user.md b/docs/api/routes/user.md
index d7a5f29..5da8a99 100644
--- a/docs/api/routes/user.md
+++ b/docs/api/routes/user.md
@@ -12,18 +12,15 @@ As a maintainer of a rAPId you can create new users to interact with the API to
### Inputs
-| Parameters | Usage | Example values | Definition |
-|------------------|---------------------|------------------|---------------------------------------------------------------------------|
-| `User details` | JSON Request Body | See below | The name of the user application to onboard and the granted permissions |
+| Parameters | Usage | Example values | Definition |
+| -------------- | ----------------- | -------------- | ----------------------------------------------------------------------- |
+| `User details` | JSON Request Body | See below | The name of the user application to onboard and the granted permissions |
```json
{
"username": "jhon_doe",
"email": "jhon.doe@email.com",
- "permissions": [
- "READ_ALL",
- "WRITE_PUBLIC"
- ]
+ "permissions": ["READ_ALL", "WRITE_PUBLIC"]
}
```
@@ -39,11 +36,11 @@ The username must adhere to the following conditions:
#### Email address
The email must adhere to the following conditions:
+
- The domain must be included on the `ALLOWED_EMAIL_DOMAINS` environment
- Must satisfy the Email Standard Structure `RFC5322` (
see [Email Address in Wikipedia](https://en.wikipedia.org/wiki/Email_address))
-
### Outputs
Once the new user has been created, the following information will be shown in the response:
@@ -52,10 +49,7 @@ Once the new user has been created, the following information will be shown in t
{
"username": "jhon_doe",
"email": "jhon.doe@email.com",
- "permissions": [
- "READ_ALL",
- "WRITE_PUBLIC"
- ],
+ "permissions": ["READ_ALL", "WRITE_PUBLIC"],
"user_id": "some-generated-id-eq2e3q-eqwe32-12eqwe214q"
}
```
@@ -74,9 +68,9 @@ Given a user already exists you can delete them from rAPId.
### Inputs
-| Parameters | Usage | Example values | Definition |
-|------------------|---------------------|------------------|---------------------------------------|
-| `user details` | JSON Request Body | See below | The name and id of the user to delete |
+| Parameters | Usage | Example values | Definition |
+| -------------- | ----------------- | -------------- | ------------------------------------- |
+| `user details` | JSON Request Body | See below | The name and id of the user to delete |
```json
{
diff --git a/docs/api/schema.md b/docs/api/schema.md
index 6dc4fd8..314cbb4 100644
--- a/docs/api/schema.md
+++ b/docs/api/schema.md
@@ -10,50 +10,57 @@ A schema is defined with the following structure:
#### General information of the schema.
- - `layer` - String value, this is the name of the layer within rAPId that you wish to place the dataset within. The possible values of this are unique to the rAPId instance and specified on creation. If none is provided, the option will be `default`.
- - `domain` - String value, is the name of the domain that owns the dataset, it could be for example the name of the department that handles the data.
- - `dataset` - String value, is the name of the dataset. e.g.: "receipts" or "address".
- - `sensitivity` - String value, is the sensitivity level of the dataset. e.g.: "PUBLIC", "PRIVATE", "PROTECTED"
- - `description` - Free text string that provides human readable information about the details of the dataset.
- - `version` - int value, denotes the schema version
- - `key_value_tags` - Dictionary of string keys and values to associate to the dataset. e.g.: `{"school_level": "primary", "school_type": "private"}`
- - `key_only_tags` - List of strings of tags to associate to the dataset. e.g.: `["schooling", "benefits", "archive", "historic"]`
- - `update_behaviour` - String value, the action to take when a new file is uploaded. e.g.: `APPEND`, `OVERWRITE`.
+- `layer` - String value, this is the name of the layer within rAPId that you wish to place the dataset within. The possible values of this are unique to the rAPId instance and specified on creation. If none is provided, the option will be `default`.
+- `domain` - String value, is the name of the domain that owns the dataset, it could be for example the name of the department that handles the data.
+- `dataset` - String value, is the name of the dataset. e.g.: "receipts" or "address".
+- `sensitivity` - String value, is the sensitivity level of the dataset. e.g.: "PUBLIC", "PRIVATE", "PROTECTED"
+- `description` - Free text string that provides human readable information about the details of the dataset.
+- `version` - int value, denotes the schema version
+- `key_value_tags` - Dictionary of string keys and values to associate to the dataset. e.g.: `{"school_level": "primary", "school_type": "private"}`
+- `key_only_tags` - List of strings of tags to associate to the dataset. e.g.: `["schooling", "benefits", "archive", "historic"]`
+- `update_behaviour` - String value, the action to take when a new file is uploaded. e.g.: `APPEND`, `OVERWRITE`.
### Columns
#### A list defining the columns that are to be expected within the dataset.
- - `name` - String value, name of the column.
- - `data_type` - String value, this is an accepted pandas' data type, will be used to validate the schema.
- - `allow_null` - Boolean value, specifies whether the columns can have empty values or not.
- - `partition_index` (Optional) - Integer value, whether the column is a [partition](#partitions) and its index.
- - `format` (Conditional) - String value, regular expression used to specify the format of the dates. Will only be used and required if the data_type is date.
+- `name` - String value, name of the column.
+- `data_type` - String value, this is an accepted pandas' data type, will be used to validate the schema.
+- `allow_null` - Boolean value, specifies whether the columns can have empty values or not.
+- `partition_index` (Optional) - Integer value, whether the column is a [partition](#partitions) and its index.
+- `format` (Conditional) - String value, regular expression used to specify the format of the dates. Will only be used and required if the data_type is date.
### Sensitivity
+
The sensitivity level of a dataset can be described by one of three values: `PUBLIC`, `PRIVATE` and `PROTECTED`.
These determine the access level that different clients will have to the data depending on their permissions.
Notes if you wish to use the sensitivity level `PROTECTED` then you must first create a Protected Domain for your Dataset. See the [data access docs](data_access.md)
### Description
+
The description is where you can specify human readable details about the dataset so that a user can quickly understand the contents and purpose of a dataset.
### Version
+
The schema version is automatically generated and cannot be updated by the user
### Tags
+
You can add up to 30 custom tags to a dataset. These are in a key: value format which allow for identification and categorisation of the datasets.
Restrictions applying to the keys:
+
- Only alphanumeric characters, hyphens and underscores
- Length between 1 and 128 characters
Restrictions applying to the values:
+
- Only alphanumeric characters, hyphens and underscores
- Length between 0 and 256 characters
### Owners
+
You must specify at least one dataset owner.
Typically this is a point of contact if there are issues or questions surrounding the dataset.
@@ -61,18 +68,23 @@ Typically this is a point of contact if there are issues or questions surroundin
You MUST change the default values, otherwise an error will be thrown and schema upload will fail.
### Update Behaviour
+
The behaviour of the API when a new file is uploaded to the dataset. The possible values are:
+
- `APPEND` - New files will be added to the dataset, there are no duplication checks so new data must be unique. This is the default behaviour.
- `OVERWRITE` - Any new file will overwrite the current content. The overwrite will happen on the partitions, so if there is an old partition that is not included in the new dataset, that will not be overwritten.
### Column headings
+
Column heading names should follow a strict format. The [requirements](https://docs.aws.amazon.com/glue/latest/dg/add-classifier.html) are:
+
- Lowercase
- No whitespace
- No other punctuation except underscores, but not be exclusively underscores
- CAN include digits, but not be exclusively digits
### Accepted data types
+
The data accepted data types for a rAPId instance can be found detailed [here](https://docs.aws.amazon.com/athena/latest/ug/data-types.html). The only Athena types that are currently unsupported are array, map and struct types.
- `integer` - Use it to define integer values.
@@ -110,6 +122,7 @@ In order to make the application more efficient in terms of time and money when
maker in the rAPId service, in order to use it, just add an integer into the partition_index when creating a schema.
The partition columns must:
+
- Start with 0 as the first index.
- Be a positive integer.
- Be sequential (0, 1, 2, ... N), the lower the index number the higher the hierarchy.
@@ -195,10 +208,10 @@ Once all the values have been set up, just upload the json using the POST `/sche
## Auto-generated
-
Use the POST `/schema/{my_domain_name}/{my_datase_name}/generate` endpoint to automatically generate a draft for the schema.
Consider the following:
+
- The domain and dataset names will be taken from the url, but can be changed manually afterwards.
- It will not set any [partition columns](#partitions), ensure you add them after the schema has been generated.
- It might not infer the `date` type and its format, ensure you add this information if required.
@@ -315,4 +328,4 @@ You might then change the values that fit your data and come with something like
}
```
-Once all the values have been set up, just upload the json using the POST ```/schema``` endpoint of the rAPId instance to create a dataset.
+Once all the values have been set up, just upload the json using the POST `/schema` endpoint of the rAPId instance to create a dataset.
diff --git a/docs/api/usage.md b/docs/api/usage.md
index 36c8f91..1b43be8 100644
--- a/docs/api/usage.md
+++ b/docs/api/usage.md
@@ -3,7 +3,7 @@ The rAPId API serves to make data storage and retrieval as easy and consistent a
The API functionality includes:
- [Uploading a schema (i.e. creating a new dataset definition)](/api/routes/schema/)
- - Also creating a new version of an existing schema
+ - Also creating a new version of an existing schema
- [Uploading data to any version of a dataset](/api/routes/dataset/#upload)
- [Listing available data](/api/routes/dataset/#list)
- [Querying data from any version of a dataset](/api/routes/dataset/#query)
@@ -17,8 +17,8 @@ The first step is to create a dataset, which we can do by uploading a schema. Th
After a schema has been uploaded, data can then be uploaded to the dataset. During the upload process, the API checks if the data matches the schema. This ensures that each of the datasets remain consistent.
-
+
## Data upload and query flows
### No schema exists + upload data + query
diff --git a/docs/getting_started.md b/docs/getting_started.md
index c3b9634..51a3f4c 100644
--- a/docs/getting_started.md
+++ b/docs/getting_started.md
@@ -5,12 +5,10 @@ We provide two options for deploying rAPId within an AWS environment:
1. If you have existing infrastructure (e.g a VPC) that you would like to deploy rAPId within, then you can use the [rAPId module](/infrastructure/deployment/existing/), passing in specific variables relating to your AWS account.
2. If you do not have any exisiting infrastructure, you can instead deploy the [entire rAPId stack](/infrastructure/deployment/full_stack/) creating all the relevant infrastructure.
-
# Developing
-
diff --git a/docs/index.md b/docs/index.md
index 103273e..f434b06 100644
--- a/docs/index.md
+++ b/docs/index.md
@@ -12,7 +12,6 @@ Pioneered by 10 Downing Street, rAPId aims to improve the government's use of da
rAPId is comprised of several components that together form a replicable template for simple data storage infrastructure in AWS with a RESTful API and user-friendly UI. It allows the simple ingestion and sharing of standardised datasets.
-
## API
The rAPId API is a RESTful API built using FastAPI and Python. It handles all the serving for user management, schema definitions and data storage and retrieval.
diff --git a/docs/infrastructure/deployment.md b/docs/infrastructure/deployment.md
index c2c67d7..a2cd954 100644
--- a/docs/infrastructure/deployment.md
+++ b/docs/infrastructure/deployment.md
@@ -59,11 +59,9 @@ There are also these optional inputs:
Once you apply the Terraform, a new instance of the application should be created.
-
-
## rAPId Full Stack
-For teams with no existing infrastructure and just a blank AWS Account, we have ```make``` commands that will set up the necessary infrastructure from scratch with sensible defaults.
+For teams with no existing infrastructure and just a blank AWS Account, we have `make` commands that will set up the necessary infrastructure from scratch with sensible defaults.
### Pre-requisites
@@ -146,7 +144,7 @@ mechanism to ensure infrastructure changes are applied atomically.
To set up the S3 backend follow these steps:
- Replace the values in `backend.hcl` with your custom values (these can be any value you would like). They will be referenced to create the Terraform state components and used going forwards as the backend config.
-- In the root folder run ```make infra-backend```, this will initialise Terraform by creating both the state bucket and dynamodb table in AWS.
+- In the root folder run `make infra-backend`, this will initialise Terraform by creating both the state bucket and dynamodb table in AWS.
### IAM User Setup (Optional)
@@ -216,14 +214,14 @@ Optional:
Then, run the following command on each block:
-- ```make infra-init block=``` to initialise Terraform
-- ```make infra-plan block=``` to plan (to check the changes ensuring nothing will be run)
-- ```make infra-apply block=``` to apply changes, when prompted type ```yes```
+- `make infra-init block=` to initialise Terraform
+- `make infra-plan block=` to plan (to check the changes ensuring nothing will be run)
+- `make infra-apply block=` to apply changes, when prompted type `yes`
Run the blocks in this order:
1. [iam-config](#iam-user-setup-optional)
-> All the users' roles/policies will be handled here and will delete any previous config
+ > All the users' roles/policies will be handled here and will delete any previous config
2. vpc
3. s3
4. auth
diff --git a/docs/infrastructure/diagrams.md b/docs/infrastructure/diagrams.md
index 95161aa..421672b 100644
--- a/docs/infrastructure/diagrams.md
+++ b/docs/infrastructure/diagrams.md
@@ -1 +1 @@
-
\ No newline at end of file
+
diff --git a/docs/infrastructure/domains_subdomains.md b/docs/infrastructure/domains_subdomains.md
index 79a09a4..2af3d7b 100644
--- a/docs/infrastructure/domains_subdomains.md
+++ b/docs/infrastructure/domains_subdomains.md
@@ -2,16 +2,16 @@ When creating a rAPId instance you will need a hostname to be able to access the
to achieve this:
1. Using an existing domain from route53: AWS creates a hosted zone linked to your domain, just use this HZ id in the
-inputs along the domain, and you are ready to go. (If the domain is currently being used, a subdomain can be created
-automatically by providing the HZ id and the subdomain name in the `input-params.tfvars`).
+ inputs along the domain, and you are ready to go. (If the domain is currently being used, a subdomain can be created
+ automatically by providing the HZ id and the subdomain name in the `input-params.tfvars`).
2. Creating a new domain in route53: you will need to manually register a domain in the AWS console, once this is done
-the steps are the same as scenario 1.
+ the steps are the same as scenario 1.
3. Using an existing domain outside AWS: you will need to leave the HZ id field empty and provide a
-domain/subdomain, copy the NS values from the output and use them in your DNS provider.
+ domain/subdomain, copy the NS values from the output and use them in your DNS provider.
4. Using an existing domain from a different AWS account to create a subdomain: you will need to leave the HZ id field
-empty and provide the subdomain name, then copy the NS values from the output, go to the AWS
-account that owns the domain, go to route 53, in the domain hosted zone, create a new record of the type NS with the
-subdomain name and add the NS values copied from the outputs.
+ empty and provide the subdomain name, then copy the NS values from the output, go to the AWS
+ account that owns the domain, go to route 53, in the domain hosted zone, create a new record of the type NS with the
+ subdomain name and add the NS values copied from the outputs.
diff --git a/docs/ui/todo.md b/docs/ui/todo.md
index 50d60da..dde43ac 100644
--- a/docs/ui/todo.md
+++ b/docs/ui/todo.md
@@ -1 +1 @@
-- Give examples of UI usage - until we have a sandbox
\ No newline at end of file
+- Give examples of UI usage - until we have a sandbox
diff --git a/infrastructure/batect.yml b/infrastructure/batect.yml
index 1c33378..779a359 100644
--- a/infrastructure/batect.yml
+++ b/infrastructure/batect.yml
@@ -18,4 +18,4 @@ tasks:
description: Parse the changelog file for the release's changes
run:
container: utility
- command: "python get_latest_release_changelog.py"
+ command: 'python get_latest_release_changelog.py'
diff --git a/infrastructure/blocks/pipeline-ami/provider.tf b/infrastructure/blocks/pipeline-ami/provider.tf
index c54d77e..214eedc 100644
--- a/infrastructure/blocks/pipeline-ami/provider.tf
+++ b/infrastructure/blocks/pipeline-ami/provider.tf
@@ -3,4 +3,3 @@ terraform {
key = "pipeline-ami/terraform.tfstate"
}
}
-
diff --git a/infrastructure/blocks/pipeline-ami/template.json b/infrastructure/blocks/pipeline-ami/template.json
index 69a8a89..f606ce2 100644
--- a/infrastructure/blocks/pipeline-ami/template.json
+++ b/infrastructure/blocks/pipeline-ami/template.json
@@ -1,58 +1,54 @@
{
- "variables": {
- "version": "",
- "region": "",
- "subnet_id": "",
- "vpc_id": ""
- },
- "builders": [
+ "variables": {
+ "version": "",
+ "region": "",
+ "subnet_id": "",
+ "vpc_id": ""
+ },
+ "builders": [
+ {
+ "ami_description": "An AMI for creating github runners",
+ "ami_name": "pipeline-ami-{{user `version`}}",
+ "instance_type": "t3.large",
+ "region": "{{user `region`}}",
+ "force_deregister": "true",
+ "force_delete_snapshot": "true",
+ "vpc_id": "{{user `vpc_id`}}",
+ "subnet_id": "{{user `subnet_id`}}",
+ "associate_public_ip_address": true,
+ "ami_block_device_mappings": [
{
- "ami_description": "An AMI for creating github runners",
- "ami_name": "pipeline-ami-{{user `version`}}",
- "instance_type": "t3.large",
- "region": "{{user `region`}}",
- "force_deregister": "true",
- "force_delete_snapshot": "true",
- "vpc_id": "{{user `vpc_id`}}",
- "subnet_id": "{{user `subnet_id`}}",
- "associate_public_ip_address": true,
- "ami_block_device_mappings": [
- {
- "device_name": "/dev/sda1",
- "encrypted": false,
- "volume_type": "gp2",
- "volume_size": 32,
- "delete_on_termination": true
- }
- ],
- "source_ami_filter": {
- "filters": {
- "name": "ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-*",
- "virtualization-type": "hvm",
- "root-device-type": "ebs"
- },
- "most_recent": true,
- "owners": [
- "099720109477"
- ]
- },
- "ssh_username": "ubuntu",
- "type": "amazon-ebs"
+ "device_name": "/dev/sda1",
+ "encrypted": false,
+ "volume_type": "gp2",
+ "volume_size": 32,
+ "delete_on_termination": true
}
- ],
- "provisioners": [
- {
- "inline": [
- "echo 'Sleeping for 30 seconds to give Ubuntu enough time to initialize (otherwise, packages may fail to install).'",
- "sleep 30"
- ],
- "type": "shell"
+ ],
+ "source_ami_filter": {
+ "filters": {
+ "name": "ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-*",
+ "virtualization-type": "hvm",
+ "root-device-type": "ebs"
},
- {
- "scripts": [
- "{{template_dir}}/install.sh"
- ],
- "type": "shell"
- }
- ]
-}
\ No newline at end of file
+ "most_recent": true,
+ "owners": ["099720109477"]
+ },
+ "ssh_username": "ubuntu",
+ "type": "amazon-ebs"
+ }
+ ],
+ "provisioners": [
+ {
+ "inline": [
+ "echo 'Sleeping for 30 seconds to give Ubuntu enough time to initialize (otherwise, packages may fail to install).'",
+ "sleep 30"
+ ],
+ "type": "shell"
+ },
+ {
+ "scripts": ["{{template_dir}}/install.sh"],
+ "type": "shell"
+ }
+ ]
+}
diff --git a/infrastructure/blocks/pipeline/iam.tf b/infrastructure/blocks/pipeline/iam.tf
index c8546f4..54fa363 100644
--- a/infrastructure/blocks/pipeline/iam.tf
+++ b/infrastructure/blocks/pipeline/iam.tf
@@ -6,13 +6,6 @@ resource "aws_iam_policy" "pipeline_ecr_access" {
policy = jsonencode({
"Version" : "2012-10-17",
"Statement" : [
- {
- Effect : "Allow",
- Action : [
- "ecr:GetAuthorizationToken",
- ],
- Resource : "*"
- },
{
Effect : "Allow",
Action : [
@@ -60,14 +53,6 @@ resource "aws_iam_policy" "pipeline_ecr_public_access" {
policy = jsonencode({
"Version" : "2012-10-17",
"Statement" : [
- {
- Effect : "Allow",
- Action : [
- "ecr-public:GetAuthorizationToken",
- "sts:GetServiceBearerToken",
- ],
- Resource : "*"
- },
{
Effect : "Allow",
Action : [
@@ -77,12 +62,14 @@ resource "aws_iam_policy" "pipeline_ecr_public_access" {
"ecr-public:DescribeRegistries",
"ecr-public:DescribeImages",
"ecr-public:DescribeImageTags",
+ "ecr-public:GetAuthorizationToken",
"ecr-public:GetRepositoryCatalogData",
"ecr-public:GetRegistryCatalogData",
"ecr-public:InitiateLayerUpload",
"ecr-public:UploadLayerPart",
"ecr-public:CompleteLayerUpload",
- "ecr-public:PutImage"
+ "ecr-public:PutImage",
+ "sts:GetServiceBearerToken",
],
Resource : [
data.terraform_remote_state.ecr-state.outputs.ecr_public_repo_arn,
diff --git a/infrastructure/blocks/pipeline/initialisation-script.sh.tpl b/infrastructure/blocks/pipeline/initialisation-script.sh.tpl
index 786abf9..0099504 100644
--- a/infrastructure/blocks/pipeline/initialisation-script.sh.tpl
+++ b/infrastructure/blocks/pipeline/initialisation-script.sh.tpl
@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/bin/bash
# ---- Start docker service
sudo service docker start
diff --git a/infrastructure/modules/app-cluster/README.md b/infrastructure/modules/app-cluster/README.md
index a4d5a44..6e7edf3 100644
--- a/infrastructure/modules/app-cluster/README.md
+++ b/infrastructure/modules/app-cluster/README.md
@@ -1,13 +1,14 @@
+
## Requirements
No requirements.
## Providers
-| Name | Version |
-|------|---------|
-| [aws](#provider\_aws) | 4.50.0 |
+| Name | Version |
+| ------------------------------------------------ | ------- |
+| [aws](#provider_aws) | 4.50.0 |
## Modules
@@ -15,117 +16,118 @@ No modules.
## Resources
-| Name | Type |
-|------|------|
-| [aws_acm_certificate.rapid-certificate](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/acm_certificate) | resource |
-| [aws_acm_certificate_validation.rapid-certificate-validation](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/acm_certificate_validation) | resource |
-| [aws_alb.application_load_balancer](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/alb) | resource |
-| [aws_appautoscaling_policy.ecs_policy_cpu](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/appautoscaling_policy) | resource |
-| [aws_appautoscaling_policy.ecs_policy_memory](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/appautoscaling_policy) | resource |
-| [aws_appautoscaling_target.ecs_target](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/appautoscaling_target) | resource |
-| [aws_cloudtrail.access_logs_trail](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail) | resource |
-| [aws_cloudwatch_log_group.access_logs_log_group](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group) | resource |
-| [aws_cloudwatch_log_group.log-group](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group) | resource |
-| [aws_cloudwatch_log_metric_filter.rapid-service-log-error-count](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter) | resource |
-| [aws_cloudwatch_metric_alarm.log-error-alarm](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_metric_alarm) | resource |
-| [aws_dynamodb_table.service_table](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dynamodb_table) | resource |
-| [aws_ecs_cluster.aws-ecs-cluster](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_cluster) | resource |
-| [aws_ecs_service.aws-ecs-service](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_service) | resource |
-| [aws_ecs_task_definition.aws-ecs-task](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_task_definition) | resource |
-| [aws_iam_policy.app_athena_query_access](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
-| [aws_iam_policy.app_cognito_access](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
-| [aws_iam_policy.app_dynamodb_access](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
-| [aws_iam_policy.app_glue_services_passrole](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
-| [aws_iam_policy.app_s3_access](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
-| [aws_iam_policy.app_secrets_manager_access](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
-| [aws_iam_policy.app_tags_access](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
-| [aws_iam_policy.aws_iam_policy_cloudtrail_cloudwatch](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
-| [aws_iam_policy_attachment.aws_iam_policy_cloudtrail_cloudwatch_attachment](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy_attachment) | resource |
-| [aws_iam_role.cloud_trail_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
-| [aws_iam_role.ecsTaskExecutionRole](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
-| [aws_iam_role_policy_attachment.ecsTaskExecutionRole_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
-| [aws_iam_role_policy_attachment.role_app_glue_services_passrole_policy_attachment](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
-| [aws_iam_role_policy_attachment.role_athena_access_policy_attachment](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
-| [aws_iam_role_policy_attachment.role_cognito_access_policy_attachment](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
-| [aws_iam_role_policy_attachment.role_dynamodb_access_policy_attachment](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
-| [aws_iam_role_policy_attachment.role_s3_access_policy_attachment](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
-| [aws_iam_role_policy_attachment.role_secrets_manager_access_policy_attachment](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
-| [aws_iam_role_policy_attachment.role_tags_access_policy_attachment](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
-| [aws_kms_key.access_logs_key](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_key) | resource |
-| [aws_lb_listener.http-listener](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_listener) | resource |
-| [aws_lb_listener.listener](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_listener) | resource |
-| [aws_lb_target_group.target_group](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_target_group) | resource |
-| [aws_route53_record.rapid_validation_record](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_record) | resource |
-| [aws_route53_zone.primary-hosted-zone](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_zone) | resource |
-| [aws_s3_bucket.access_logs](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket) | resource |
-| [aws_s3_bucket_lifecycle_configuration.access_logs_lifecycle](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_lifecycle_configuration) | resource |
-| [aws_s3_bucket_policy.access_logs_bucket_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy) | resource |
-| [aws_s3_bucket_policy.allow_alb_logging](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy) | resource |
-| [aws_s3_bucket_public_access_block.access_logs](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_public_access_block) | resource |
-| [aws_s3_bucket_server_side_encryption_configuration.access_logs_s3_encryption_config](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_server_side_encryption_configuration) | resource |
-| [aws_security_group.load_balancer_security_group](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group) | resource |
-| [aws_security_group.service_security_group](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group) | resource |
-| [aws_sns_topic.log-error-alarm-notification](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic) | resource |
-| [aws_sns_topic_subscription.log-error-alarm-subscription](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic_subscription) | resource |
-| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
-| [aws_ec2_managed_prefix_list.cloudwatch](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ec2_managed_prefix_list) | data source |
-| [aws_ecs_task_definition.main](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ecs_task_definition) | data source |
-| [aws_elb_service_account.main](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/elb_service_account) | data source |
-| [aws_iam_policy_document.access_logs_key_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
-| [aws_iam_policy_document.assume_role_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
-| [aws_region.region](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |
+| Name | Type |
+| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------- |
+| [aws_acm_certificate.rapid-certificate](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/acm_certificate) | resource |
+| [aws_acm_certificate_validation.rapid-certificate-validation](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/acm_certificate_validation) | resource |
+| [aws_alb.application_load_balancer](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/alb) | resource |
+| [aws_appautoscaling_policy.ecs_policy_cpu](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/appautoscaling_policy) | resource |
+| [aws_appautoscaling_policy.ecs_policy_memory](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/appautoscaling_policy) | resource |
+| [aws_appautoscaling_target.ecs_target](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/appautoscaling_target) | resource |
+| [aws_cloudtrail.access_logs_trail](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail) | resource |
+| [aws_cloudwatch_log_group.access_logs_log_group](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group) | resource |
+| [aws_cloudwatch_log_group.log-group](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group) | resource |
+| [aws_cloudwatch_log_metric_filter.rapid-service-log-error-count](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter) | resource |
+| [aws_cloudwatch_metric_alarm.log-error-alarm](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_metric_alarm) | resource |
+| [aws_dynamodb_table.service_table](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dynamodb_table) | resource |
+| [aws_ecs_cluster.aws-ecs-cluster](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_cluster) | resource |
+| [aws_ecs_service.aws-ecs-service](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_service) | resource |
+| [aws_ecs_task_definition.aws-ecs-task](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_task_definition) | resource |
+| [aws_iam_policy.app_athena_query_access](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
+| [aws_iam_policy.app_cognito_access](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
+| [aws_iam_policy.app_dynamodb_access](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
+| [aws_iam_policy.app_glue_services_passrole](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
+| [aws_iam_policy.app_s3_access](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
+| [aws_iam_policy.app_secrets_manager_access](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
+| [aws_iam_policy.app_tags_access](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
+| [aws_iam_policy.aws_iam_policy_cloudtrail_cloudwatch](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
+| [aws_iam_policy_attachment.aws_iam_policy_cloudtrail_cloudwatch_attachment](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy_attachment) | resource |
+| [aws_iam_role.cloud_trail_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
+| [aws_iam_role.ecsTaskExecutionRole](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
+| [aws_iam_role_policy_attachment.ecsTaskExecutionRole_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
+| [aws_iam_role_policy_attachment.role_app_glue_services_passrole_policy_attachment](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
+| [aws_iam_role_policy_attachment.role_athena_access_policy_attachment](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
+| [aws_iam_role_policy_attachment.role_cognito_access_policy_attachment](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
+| [aws_iam_role_policy_attachment.role_dynamodb_access_policy_attachment](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
+| [aws_iam_role_policy_attachment.role_s3_access_policy_attachment](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
+| [aws_iam_role_policy_attachment.role_secrets_manager_access_policy_attachment](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
+| [aws_iam_role_policy_attachment.role_tags_access_policy_attachment](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
+| [aws_kms_key.access_logs_key](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_key) | resource |
+| [aws_lb_listener.http-listener](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_listener) | resource |
+| [aws_lb_listener.listener](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_listener) | resource |
+| [aws_lb_target_group.target_group](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_target_group) | resource |
+| [aws_route53_record.rapid_validation_record](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_record) | resource |
+| [aws_route53_zone.primary-hosted-zone](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_zone) | resource |
+| [aws_s3_bucket.access_logs](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket) | resource |
+| [aws_s3_bucket_lifecycle_configuration.access_logs_lifecycle](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_lifecycle_configuration) | resource |
+| [aws_s3_bucket_policy.access_logs_bucket_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy) | resource |
+| [aws_s3_bucket_policy.allow_alb_logging](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy) | resource |
+| [aws_s3_bucket_public_access_block.access_logs](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_public_access_block) | resource |
+| [aws_s3_bucket_server_side_encryption_configuration.access_logs_s3_encryption_config](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_server_side_encryption_configuration) | resource |
+| [aws_security_group.load_balancer_security_group](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group) | resource |
+| [aws_security_group.service_security_group](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group) | resource |
+| [aws_sns_topic.log-error-alarm-notification](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic) | resource |
+| [aws_sns_topic_subscription.log-error-alarm-subscription](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic_subscription) | resource |
+| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
+| [aws_ec2_managed_prefix_list.cloudwatch](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ec2_managed_prefix_list) | data source |
+| [aws_ecs_task_definition.main](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ecs_task_definition) | data source |
+| [aws_elb_service_account.main](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/elb_service_account) | data source |
+| [aws_iam_policy_document.access_logs_key_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
+| [aws_iam_policy_document.assume_role_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
+| [aws_region.region](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |
## Inputs
-| Name | Description | Type | Default | Required |
-|------|-------------|------|---------|:--------:|
-| [allowed\_email\_domains](#input\_allowed\_email\_domains) | List of allowed emails domains that can be associated with users | `string` | n/a | yes |
-| [app-replica-count-desired](#input\_app-replica-count-desired) | The desired number of replicas of the app | `number` | `1` | no |
-| [app-replica-count-max](#input\_app-replica-count-max) | The maximum desired number of replicas of the app | `number` | `2` | no |
-| [application\_version](#input\_application\_version) | The version number for the application image (e.g.: v1.0.4, v1.0.x-latest, etc.) | `string` | n/a | yes |
-| [athena\_query\_output\_bucket\_arn](#input\_athena\_query\_output\_bucket\_arn) | The S3 bucket ARN where Athena stores its query results. This bucket is created dynamically with a unique name in the data-workflow module. Reference it by remote state, module output or ARN string directly | `string` | n/a | yes |
-| [aws\_account](#input\_aws\_account) | AWS Account number to host the rAPId service | `string` | n/a | yes |
-| [aws\_region](#input\_aws\_region) | The region of the AWS Account for the rAPId service | `string` | n/a | yes |
-| [catalog\_disabled](#input\_catalog\_disabled) | Optional value on whether to disable the internal rAPId data catalog | `bool` | `false` | no |
-| [certificate\_validation\_arn](#input\_certificate\_validation\_arn) | Arn of the certificate used by the domain | `string` | n/a | yes |
-| [cognito\_user\_login\_app\_credentials\_secrets\_name](#input\_cognito\_user\_login\_app\_credentials\_secrets\_name) | Secret name for Cognito user login app credentials | `string` | n/a | yes |
-| [cognito\_user\_pool\_id](#input\_cognito\_user\_pool\_id) | User pool id for cognito | `string` | n/a | yes |
-| [container\_port](#input\_container\_port) | The port for the running ECS containers | `number` | `8000` | no |
-| [data\_s3\_bucket\_arn](#input\_data\_s3\_bucket\_arn) | S3 Bucket arn to store application data | `string` | n/a | yes |
-| [data\_s3\_bucket\_name](#input\_data\_s3\_bucket\_name) | S3 Bucket name to store application data | `string` | n/a | yes |
-| [domain\_name](#input\_domain\_name) | Domain name for the rAPId instance | `string` | n/a | yes |
-| [ecs\_cluster\_arn](#input\_ecs\_cluster\_arn) | ECS cliuster arn to attach the rAPId api to | `string` | `null` | no |
-| [ecs\_cluster\_id](#input\_ecs\_cluster\_id) | ECS cluster id to attach the rAPId api to | `string` | `null` | no |
-| [ecs\_cluster\_name](#input\_ecs\_cluster\_name) | ECS cluster name to attach the rAPId api to | `string` | `null` | no |
-| [enable\_cloudtrail](#input\_enable\_cloudtrail) | Whether to enable the logging of db events to CloudTrail | `bool` | `true` | no |
-| [host\_port](#input\_host\_port) | The host port for the running ECS containers | `number` | `8000` | no |
-| [hosted\_zone\_id](#input\_hosted\_zone\_id) | Hosted Zone ID with the domain Name Servers, pass quotes to create a new one from scratch | `string` | n/a | yes |
-| [ip\_whitelist](#input\_ip\_whitelist) | A list of IPs to whitelist for access to the service | `list(string)` | n/a | yes |
-| [log\_bucket\_name](#input\_log\_bucket\_name) | A bucket to send the Load Balancer logs | `string` | n/a | yes |
-| [permissions\_table](#input\_permissions\_table) | Users permissions table in dynamoDB | `string` | n/a | yes |
-| [permissions\_table\_arn](#input\_permissions\_table\_arn) | Users permissions table arn in dynamoDB | `string` | n/a | yes |
-| [private\_subnet\_ids\_list](#input\_private\_subnet\_ids\_list) | Application Private subnet list | `list(string)` | n/a | yes |
-| [project\_information](#input\_project\_information) | n/a |
| no |
-| [protocol](#input\_protocol) | The protocol for the running ECS container | `string` | `"tcp"` | no |
-| [public\_subnet\_ids\_list](#input\_public\_subnet\_ids\_list) | Application Public subnet list | `list(string)` | n/a | yes |
-| [rapid\_ecr\_url](#input\_rapid\_ecr\_url) | ECR Url for task definition | `string` | n/a | yes |
-| [resource-name-prefix](#input\_resource-name-prefix) | The prefix to add to resources for easier identification | `string` | n/a | yes |
-| [support\_emails\_for\_cloudwatch\_alerts](#input\_support\_emails\_for\_cloudwatch\_alerts) | List of emails that will receive alerts from CloudWatch | `list(string)` | n/a | yes |
-| [tags](#input\_tags) | A common map of tags for all VPC resources that are created (for e.g. billing purposes) | `map(string)` |
{ "Resource": "data-f1-rapid" }
| no |
-| [vpc\_id](#input\_vpc\_id) | Application VPC | `string` | n/a | yes |
+| Name | Description | Type | Default | Required |
+| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------- | :------: |
+| [allowed_email_domains](#input_allowed_email_domains) | List of allowed emails domains that can be associated with users | `string` | n/a | yes |
+| [app-replica-count-desired](#input_app-replica-count-desired) | The desired number of replicas of the app | `number` | `1` | no |
+| [app-replica-count-max](#input_app-replica-count-max) | The maximum desired number of replicas of the app | `number` | `2` | no |
+| [application_version](#input_application_version) | The version number for the application image (e.g.: v1.0.4, v1.0.x-latest, etc.) | `string` | n/a | yes |
+| [athena_query_output_bucket_arn](#input_athena_query_output_bucket_arn) | The S3 bucket ARN where Athena stores its query results. This bucket is created dynamically with a unique name in the data-workflow module. Reference it by remote state, module output or ARN string directly | `string` | n/a | yes |
+| [aws_account](#input_aws_account) | AWS Account number to host the rAPId service | `string` | n/a | yes |
+| [aws_region](#input_aws_region) | The region of the AWS Account for the rAPId service | `string` | n/a | yes |
+| [catalog_disabled](#input_catalog_disabled) | Optional value on whether to disable the internal rAPId data catalog | `bool` | `false` | no |
+| [certificate_validation_arn](#input_certificate_validation_arn) | Arn of the certificate used by the domain | `string` | n/a | yes |
+| [cognito_user_login_app_credentials_secrets_name](#input_cognito_user_login_app_credentials_secrets_name) | Secret name for Cognito user login app credentials | `string` | n/a | yes |
+| [cognito_user_pool_id](#input_cognito_user_pool_id) | User pool id for cognito | `string` | n/a | yes |
+| [container_port](#input_container_port) | The port for the running ECS containers | `number` | `8000` | no |
+| [data_s3_bucket_arn](#input_data_s3_bucket_arn) | S3 Bucket arn to store application data | `string` | n/a | yes |
+| [data_s3_bucket_name](#input_data_s3_bucket_name) | S3 Bucket name to store application data | `string` | n/a | yes |
+| [domain_name](#input_domain_name) | Domain name for the rAPId instance | `string` | n/a | yes |
+| [ecs_cluster_arn](#input_ecs_cluster_arn) | ECS cliuster arn to attach the rAPId api to | `string` | `null` | no |
+| [ecs_cluster_id](#input_ecs_cluster_id) | ECS cluster id to attach the rAPId api to | `string` | `null` | no |
+| [ecs_cluster_name](#input_ecs_cluster_name) | ECS cluster name to attach the rAPId api to | `string` | `null` | no |
+| [enable_cloudtrail](#input_enable_cloudtrail) | Whether to enable the logging of db events to CloudTrail | `bool` | `true` | no |
+| [host_port](#input_host_port) | The host port for the running ECS containers | `number` | `8000` | no |
+| [hosted_zone_id](#input_hosted_zone_id) | Hosted Zone ID with the domain Name Servers, pass quotes to create a new one from scratch | `string` | n/a | yes |
+| [ip_whitelist](#input_ip_whitelist) | A list of IPs to whitelist for access to the service | `list(string)` | n/a | yes |
+| [log_bucket_name](#input_log_bucket_name) | A bucket to send the Load Balancer logs | `string` | n/a | yes |
+| [permissions_table](#input_permissions_table) | Users permissions table in dynamoDB | `string` | n/a | yes |
+| [permissions_table_arn](#input_permissions_table_arn) | Users permissions table arn in dynamoDB | `string` | n/a | yes |
+| [private_subnet_ids_list](#input_private_subnet_ids_list) | Application Private subnet list | `list(string)` | n/a | yes |
+| [project_information](#input_project_information) | n/a |
| no |
+| [protocol](#input_protocol) | The protocol for the running ECS container | `string` | `"tcp"` | no |
+| [public_subnet_ids_list](#input_public_subnet_ids_list) | Application Public subnet list | `list(string)` | n/a | yes |
+| [rapid_ecr_url](#input_rapid_ecr_url) | ECR Url for task definition | `string` | n/a | yes |
+| [resource-name-prefix](#input_resource-name-prefix) | The prefix to add to resources for easier identification | `string` | n/a | yes |
+| [support_emails_for_cloudwatch_alerts](#input_support_emails_for_cloudwatch_alerts) | List of emails that will receive alerts from CloudWatch | `list(string)` | n/a | yes |
+| [tags](#input_tags) | A common map of tags for all VPC resources that are created (for e.g. billing purposes) | `map(string)` |
{ "Resource": "data-f1-rapid" }
| no |
+| [vpc_id](#input_vpc_id) | Application VPC | `string` | n/a | yes |
## Outputs
-| Name | Description |
-|------|-------------|
-| [ecs\_cluster\_arn](#output\_ecs\_cluster\_arn) | Cluster identifier |
-| [ecs\_task\_execution\_role\_arn](#output\_ecs\_task\_execution\_role\_arn) | The ECS task execution role ARN |
-| [hosted\_zone\_id](#output\_hosted\_zone\_id) | n/a |
-| [hosted\_zone\_name\_servers](#output\_hosted\_zone\_name\_servers) | Name servers of the primary hosted zone linked to the domain |
-| [load\_balancer\_arn](#output\_load\_balancer\_arn) | The arn of the load balancer |
-| [load\_balancer\_dns](#output\_load\_balancer\_dns) | The DNS name of the load balancer |
-| [log\_error\_alarm\_notification\_arn](#output\_log\_error\_alarm\_notification\_arn) | The arn of the sns topic that receives notifications on log error alerts |
-| [rapid\_metric\_log\_error\_alarm\_arn](#output\_rapid\_metric\_log\_error\_alarm\_arn) | The arn of the log error alarm metric |
-| [route\_53\_validation\_record\_fqdns](#output\_route\_53\_validation\_record\_fqdns) | The fqdns of the route53 validation records for the certificate |
-| [service\_table\_arn](#output\_service\_table\_arn) | The arn of the dynamoDB table that stores the user service |
+| Name | Description |
+| ----------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------ |
+| [ecs_cluster_arn](#output_ecs_cluster_arn) | Cluster identifier |
+| [ecs_task_execution_role_arn](#output_ecs_task_execution_role_arn) | The ECS task execution role ARN |
+| [hosted_zone_id](#output_hosted_zone_id) | n/a |
+| [hosted_zone_name_servers](#output_hosted_zone_name_servers) | Name servers of the primary hosted zone linked to the domain |
+| [load_balancer_arn](#output_load_balancer_arn) | The arn of the load balancer |
+| [load_balancer_dns](#output_load_balancer_dns) | The DNS name of the load balancer |
+| [log_error_alarm_notification_arn](#output_log_error_alarm_notification_arn) | The arn of the sns topic that receives notifications on log error alerts |
+| [rapid_metric_log_error_alarm_arn](#output_rapid_metric_log_error_alarm_arn) | The arn of the log error alarm metric |
+| [route_53_validation_record_fqdns](#output_route_53_validation_record_fqdns) | The fqdns of the route53 validation records for the certificate |
+| [service_table_arn](#output_service_table_arn) | The arn of the dynamoDB table that stores the user service |
+
diff --git a/infrastructure/modules/auth/README.md b/infrastructure/modules/auth/README.md
index e8db51d..6c592e9 100644
--- a/infrastructure/modules/auth/README.md
+++ b/infrastructure/modules/auth/README.md
@@ -1,14 +1,15 @@
+
## Requirements
No requirements.
## Providers
-| Name | Version |
-|------|---------|
-| [aws](#provider\_aws) | n/a |
-| [random](#provider\_random) | n/a |
+| Name | Version |
+| --------------------------------------------------------- | ------- |
+| [aws](#provider_aws) | n/a |
+| [random](#provider_random) | n/a |
## Modules
@@ -16,70 +17,71 @@ No modules.
## Resources
-| Name | Type |
-|------|------|
-| [aws_cognito_resource_server.rapid_resource_server](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cognito_resource_server) | resource |
-| [aws_cognito_user.ui_test_user](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cognito_user) | resource |
-| [aws_cognito_user_pool.rapid_user_pool](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cognito_user_pool) | resource |
-| [aws_cognito_user_pool_client.e2e_test_client_data_admin](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cognito_user_pool_client) | resource |
-| [aws_cognito_user_pool_client.e2e_test_client_read_and_write](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cognito_user_pool_client) | resource |
-| [aws_cognito_user_pool_client.e2e_test_client_user_admin](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cognito_user_pool_client) | resource |
-| [aws_cognito_user_pool_client.e2e_test_client_write_all](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cognito_user_pool_client) | resource |
-| [aws_cognito_user_pool_client.test_client](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cognito_user_pool_client) | resource |
-| [aws_cognito_user_pool_client.user_login](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cognito_user_pool_client) | resource |
-| [aws_cognito_user_pool_domain.rapid_cognito_domain](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cognito_user_pool_domain) | resource |
-| [aws_dynamodb_table.permissions_table](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dynamodb_table) | resource |
-| [aws_dynamodb_table_item.admin_permissions](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dynamodb_table_item) | resource |
-| [aws_dynamodb_table_item.data_permissions](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dynamodb_table_item) | resource |
-| [aws_dynamodb_table_item.test_client_data_admin_permissions](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dynamodb_table_item) | resource |
-| [aws_dynamodb_table_item.test_client_permissions](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dynamodb_table_item) | resource |
-| [aws_dynamodb_table_item.test_client_read_and_write_permissions](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dynamodb_table_item) | resource |
-| [aws_dynamodb_table_item.test_client_user_admin_permissions](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dynamodb_table_item) | resource |
-| [aws_dynamodb_table_item.test_client_write_all_permissions](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dynamodb_table_item) | resource |
-| [aws_dynamodb_table_item.ui_test_user_permissions](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dynamodb_table_item) | resource |
-| [aws_secretsmanager_secret.client_secrets_cognito](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret) | resource |
-| [aws_secretsmanager_secret.e2e_test_client_data_admin](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret) | resource |
-| [aws_secretsmanager_secret.e2e_test_client_read_and_write](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret) | resource |
-| [aws_secretsmanager_secret.e2e_test_client_user_admin](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret) | resource |
-| [aws_secretsmanager_secret.e2e_test_client_write_all](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret) | resource |
-| [aws_secretsmanager_secret.ui_test_user](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret) | resource |
-| [aws_secretsmanager_secret.user_secrets_cognito](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret) | resource |
-| [aws_secretsmanager_secret_version.client_secrets_version](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret_version) | resource |
-| [aws_secretsmanager_secret_version.e2e_test_client_data_admin_secrets_version](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret_version) | resource |
-| [aws_secretsmanager_secret_version.e2e_test_client_read_and_write_secrets_version](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret_version) | resource |
-| [aws_secretsmanager_secret_version.e2e_test_client_user_admin_secrets_version](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret_version) | resource |
-| [aws_secretsmanager_secret_version.e2e_test_client_write_all_secrets_version](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret_version) | resource |
-| [aws_secretsmanager_secret_version.ui_test_user_secrets_version](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret_version) | resource |
-| [aws_secretsmanager_secret_version.user_login_client_secrets_version](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret_version) | resource |
-| [random_password.password](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/password) | resource |
-| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
-| [aws_region.region](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |
+| Name | Type |
+| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------- |
+| [aws_cognito_resource_server.rapid_resource_server](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cognito_resource_server) | resource |
+| [aws_cognito_user.ui_test_user](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cognito_user) | resource |
+| [aws_cognito_user_pool.rapid_user_pool](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cognito_user_pool) | resource |
+| [aws_cognito_user_pool_client.e2e_test_client_data_admin](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cognito_user_pool_client) | resource |
+| [aws_cognito_user_pool_client.e2e_test_client_read_and_write](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cognito_user_pool_client) | resource |
+| [aws_cognito_user_pool_client.e2e_test_client_user_admin](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cognito_user_pool_client) | resource |
+| [aws_cognito_user_pool_client.e2e_test_client_write_all](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cognito_user_pool_client) | resource |
+| [aws_cognito_user_pool_client.test_client](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cognito_user_pool_client) | resource |
+| [aws_cognito_user_pool_client.user_login](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cognito_user_pool_client) | resource |
+| [aws_cognito_user_pool_domain.rapid_cognito_domain](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cognito_user_pool_domain) | resource |
+| [aws_dynamodb_table.permissions_table](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dynamodb_table) | resource |
+| [aws_dynamodb_table_item.admin_permissions](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dynamodb_table_item) | resource |
+| [aws_dynamodb_table_item.data_permissions](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dynamodb_table_item) | resource |
+| [aws_dynamodb_table_item.test_client_data_admin_permissions](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dynamodb_table_item) | resource |
+| [aws_dynamodb_table_item.test_client_permissions](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dynamodb_table_item) | resource |
+| [aws_dynamodb_table_item.test_client_read_and_write_permissions](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dynamodb_table_item) | resource |
+| [aws_dynamodb_table_item.test_client_user_admin_permissions](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dynamodb_table_item) | resource |
+| [aws_dynamodb_table_item.test_client_write_all_permissions](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dynamodb_table_item) | resource |
+| [aws_dynamodb_table_item.ui_test_user_permissions](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dynamodb_table_item) | resource |
+| [aws_secretsmanager_secret.client_secrets_cognito](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret) | resource |
+| [aws_secretsmanager_secret.e2e_test_client_data_admin](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret) | resource |
+| [aws_secretsmanager_secret.e2e_test_client_read_and_write](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret) | resource |
+| [aws_secretsmanager_secret.e2e_test_client_user_admin](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret) | resource |
+| [aws_secretsmanager_secret.e2e_test_client_write_all](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret) | resource |
+| [aws_secretsmanager_secret.ui_test_user](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret) | resource |
+| [aws_secretsmanager_secret.user_secrets_cognito](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret) | resource |
+| [aws_secretsmanager_secret_version.client_secrets_version](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret_version) | resource |
+| [aws_secretsmanager_secret_version.e2e_test_client_data_admin_secrets_version](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret_version) | resource |
+| [aws_secretsmanager_secret_version.e2e_test_client_read_and_write_secrets_version](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret_version) | resource |
+| [aws_secretsmanager_secret_version.e2e_test_client_user_admin_secrets_version](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret_version) | resource |
+| [aws_secretsmanager_secret_version.e2e_test_client_write_all_secrets_version](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret_version) | resource |
+| [aws_secretsmanager_secret_version.ui_test_user_secrets_version](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret_version) | resource |
+| [aws_secretsmanager_secret_version.user_login_client_secrets_version](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret_version) | resource |
+| [random_password.password](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/password) | resource |
+| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
+| [aws_region.region](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |
## Inputs
-| Name | Description | Type | Default | Required |
-|------|-------------|------|---------|:--------:|
-| [admin\_permissions](#input\_admin\_permissions) | n/a | `map(map(any))` |
| no |
-| [domain\_name](#input\_domain\_name) | Domain name for the rAPId instance | `string` | n/a | yes |
-| [password\_policy](#input\_password\_policy) | The Cognito pool password policy |
object({ minimum_length = number require_lowercase = bool require_numbers = bool require_symbols = bool require_uppercase = bool temporary_password_validity_days = number })
| no |
-| [permissions\_table\_name](#input\_permissions\_table\_name) | The name of the users permissions table in DynamoDb | `string` | `"users_permissions"` | no |
-| [rapid\_client\_explicit\_auth\_flows](#input\_rapid\_client\_explicit\_auth\_flows) | The list of auth flows supported by the client app | `list(string)` |
| no |
-| [rapid\_user\_login\_client\_explicit\_auth\_flows](#input\_rapid\_user\_login\_client\_explicit\_auth\_flows) | The list of auth flows supported by the user login app | `list(string)` |
| no |
+| [domain_name](#input_domain_name) | Domain name for the rAPId instance | `string` | n/a | yes |
+| [password_policy](#input_password_policy) | The Cognito pool password policy |
object({ minimum_length = number require_lowercase = bool require_numbers = bool require_symbols = bool require_uppercase = bool temporary_password_validity_days = number })
| no |
+| [permissions_table_name](#input_permissions_table_name) | The name of the users permissions table in DynamoDb | `string` | `"users_permissions"` | no |
+| [rapid_client_explicit_auth_flows](#input_rapid_client_explicit_auth_flows) | The list of auth flows supported by the client app | `list(string)` |
| no |
+| [rapid_user_login_client_explicit_auth_flows](#input_rapid_user_login_client_explicit_auth_flows) | The list of auth flows supported by the user login app | `list(string)` |
| no |
+| [tags](#input_tags) | A common map of tags for all VPC resources that are created (for e.g. billing purposes) | `map(string)` |
{ "Resource": "data-f1-rapid" }
| no |
## Outputs
-| Name | Description |
-|------|-------------|
-| [cognito\_client\_app\_secret\_manager\_name](#output\_cognito\_client\_app\_secret\_manager\_name) | Secret manager name where client app info is stored |
-| [cognito\_user\_app\_secret\_manager\_name](#output\_cognito\_user\_app\_secret\_manager\_name) | Secret manager name where user login app info is stored |
-| [cognito\_user\_pool\_id](#output\_cognito\_user\_pool\_id) | The Cognito rapid user pool id |
-| [rapid\_test\_client\_id](#output\_rapid\_test\_client\_id) | The rapid test client id registered in the user pool |
-| [resource\_server\_scopes](#output\_resource\_server\_scopes) | The scopes defined in the resource server |
-| [user\_permission\_table\_arn](#output\_user\_permission\_table\_arn) | The arn of the dynamoDB table that stores permissions |
-| [user\_permission\_table\_name](#output\_user\_permission\_table\_name) | The name of the dynamoDB table that stores permissions |
-| [user\_pool\_endpoint](#output\_user\_pool\_endpoint) | The Cognito rapid user pool endpoint |
+| Name | Description |
+| ----------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------- |
+| [cognito_client_app_secret_manager_name](#output_cognito_client_app_secret_manager_name) | Secret manager name where client app info is stored |
+| [cognito_user_app_secret_manager_name](#output_cognito_user_app_secret_manager_name) | Secret manager name where user login app info is stored |
+| [cognito_user_pool_id](#output_cognito_user_pool_id) | The Cognito rapid user pool id |
+| [rapid_test_client_id](#output_rapid_test_client_id) | The rapid test client id registered in the user pool |
+| [resource_server_scopes](#output_resource_server_scopes) | The scopes defined in the resource server |
+| [user_permission_table_arn](#output_user_permission_table_arn) | The arn of the dynamoDB table that stores permissions |
+| [user_permission_table_name](#output_user_permission_table_name) | The name of the dynamoDB table that stores permissions |
+| [user_pool_endpoint](#output_user_pool_endpoint) | The Cognito rapid user pool endpoint |
+
diff --git a/infrastructure/modules/data-workflow/README.md b/infrastructure/modules/data-workflow/README.md
index 0e28b19..9982211 100644
--- a/infrastructure/modules/data-workflow/README.md
+++ b/infrastructure/modules/data-workflow/README.md
@@ -1,13 +1,14 @@
+
## Requirements
No requirements.
## Providers
-| Name | Version |
-|------|---------|
-| [aws](#provider\_aws) | 4.50.0 |
+| Name | Version |
+| ------------------------------------------------ | ------- |
+| [aws](#provider_aws) | 4.50.0 |
## Modules
@@ -15,46 +16,47 @@ No modules.
## Resources
-| Name | Type |
-|------|------|
-| [aws_athena_workgroup.rapid_athena_workgroup](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/athena_workgroup) | resource |
-| [aws_cloudwatch_log_group.aws_glue_connection_error_log_group](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group) | resource |
-| [aws_cloudwatch_log_group.aws_glue_connection_log_group](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group) | resource |
-| [aws_cloudwatch_log_group.aws_glue_crawlers_log_group](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group) | resource |
-| [aws_glue_catalog_database.catalogue_db](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/glue_catalog_database) | resource |
-| [aws_glue_catalog_table.metadata](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/glue_catalog_table) | resource |
-| [aws_glue_connection.glue_connection](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/glue_connection) | resource |
-| [aws_iam_policy.crawler_s3_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
-| [aws_iam_role.glue_service_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
-| [aws_iam_role_policy_attachment.glue_service_role_managed_policy_attach](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
-| [aws_iam_role_policy_attachment.glue_service_role_s3_policy_attach](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
-| [aws_s3_bucket.rapid_athena_query_results_bucket](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket) | resource |
-| [aws_s3_bucket_policy.athena_query_bucket_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy) | resource |
-| [aws_s3_bucket_public_access_block.rapid_athena_query_results_bucket](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_public_access_block) | resource |
-| [aws_security_group.glue_connection_sg](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group) | resource |
-| [aws_vpc_endpoint.s3_vpc_endpoint](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_endpoint) | resource |
-| [aws_availability_zones.available](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/availability_zones) | data source |
-| [aws_prefix_list.s3_prefix](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/prefix_list) | data source |
+| Name | Type |
+| -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------- |
+| [aws_athena_workgroup.rapid_athena_workgroup](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/athena_workgroup) | resource |
+| [aws_cloudwatch_log_group.aws_glue_connection_error_log_group](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group) | resource |
+| [aws_cloudwatch_log_group.aws_glue_connection_log_group](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group) | resource |
+| [aws_cloudwatch_log_group.aws_glue_crawlers_log_group](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group) | resource |
+| [aws_glue_catalog_database.catalogue_db](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/glue_catalog_database) | resource |
+| [aws_glue_catalog_table.metadata](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/glue_catalog_table) | resource |
+| [aws_glue_connection.glue_connection](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/glue_connection) | resource |
+| [aws_iam_policy.crawler_s3_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
+| [aws_iam_role.glue_service_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
+| [aws_iam_role_policy_attachment.glue_service_role_managed_policy_attach](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
+| [aws_iam_role_policy_attachment.glue_service_role_s3_policy_attach](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
+| [aws_s3_bucket.rapid_athena_query_results_bucket](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket) | resource |
+| [aws_s3_bucket_policy.athena_query_bucket_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy) | resource |
+| [aws_s3_bucket_public_access_block.rapid_athena_query_results_bucket](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_public_access_block) | resource |
+| [aws_security_group.glue_connection_sg](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group) | resource |
+| [aws_vpc_endpoint.s3_vpc_endpoint](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_endpoint) | resource |
+| [aws_availability_zones.available](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/availability_zones) | data source |
+| [aws_prefix_list.s3_prefix](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/prefix_list) | data source |
## Inputs
-| Name | Description | Type | Default | Required |
-|------|-------------|------|---------|:--------:|
-| [aws\_account](#input\_aws\_account) | AWS Account number to host the rAPId service | `string` | n/a | yes |
-| [aws\_region](#input\_aws\_region) | The region of the AWS Account for the rAPId service | `string` | n/a | yes |
-| [data\_s3\_bucket\_arn](#input\_data\_s3\_bucket\_arn) | S3 Bucket arn to store application data | `string` | n/a | yes |
-| [data\_s3\_bucket\_name](#input\_data\_s3\_bucket\_name) | S3 Bucket name to store application data | `string` | n/a | yes |
-| [private\_subnet](#input\_private\_subnet) | Application Private subnet | `string` | n/a | yes |
-| [resource-name-prefix](#input\_resource-name-prefix) | The prefix to add to resources for easier identification | `string` | n/a | yes |
-| [tags](#input\_tags) | A common map of tags for all VPC resources that are created (for e.g. billing purposes) | `map(string)` |
{ "Resource": "data-f1-rapid" }
| no |
-| [vpc\_id](#input\_vpc\_id) | Application VPC | `string` | n/a | yes |
+| Name | Description | Type | Default | Required |
+| --------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------- | ------------- | ------------------------------------------------- | :------: |
+| [aws_account](#input_aws_account) | AWS Account number to host the rAPId service | `string` | n/a | yes |
+| [aws_region](#input_aws_region) | The region of the AWS Account for the rAPId service | `string` | n/a | yes |
+| [data_s3_bucket_arn](#input_data_s3_bucket_arn) | S3 Bucket arn to store application data | `string` | n/a | yes |
+| [data_s3_bucket_name](#input_data_s3_bucket_name) | S3 Bucket name to store application data | `string` | n/a | yes |
+| [private_subnet](#input_private_subnet) | Application Private subnet | `string` | n/a | yes |
+| [resource-name-prefix](#input_resource-name-prefix) | The prefix to add to resources for easier identification | `string` | n/a | yes |
+| [tags](#input_tags) | A common map of tags for all VPC resources that are created (for e.g. billing purposes) | `map(string)` |
{ "Resource": "data-f1-rapid" }
| no |
+| [vpc_id](#input_vpc_id) | Application VPC | `string` | n/a | yes |
## Outputs
-| Name | Description |
-|------|-------------|
-| [athena\_query\_result\_output\_bucket\_arn](#output\_athena\_query\_result\_output\_bucket\_arn) | Output S3 bucket ARN for Athena query results |
-| [athena\_workgroup\_arn](#output\_athena\_workgroup\_arn) | Query workgroup for Athena |
-| [glue\_catalog\_arn](#output\_glue\_catalog\_arn) | Catalog database arn |
-| [tags](#output\_tags) | The tags used in the project |
+| Name | Description |
+| -------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------- |
+| [athena_query_result_output_bucket_arn](#output_athena_query_result_output_bucket_arn) | Output S3 bucket ARN for Athena query results |
+| [athena_workgroup_arn](#output_athena_workgroup_arn) | Query workgroup for Athena |
+| [glue_catalog_arn](#output_glue_catalog_arn) | Catalog database arn |
+| [tags](#output_tags) | The tags used in the project |
+
diff --git a/infrastructure/modules/rapid/README.md b/infrastructure/modules/rapid/README.md
index bad5309..0b4b304 100644
--- a/infrastructure/modules/rapid/README.md
+++ b/infrastructure/modules/rapid/README.md
@@ -3,66 +3,68 @@
Use this module to spin up a rAPId instance within existing AWS infrastructure.
+
## Requirements
No requirements.
## Providers
-| Name | Version |
-|------|---------|
-| [aws](#provider\_aws) | 4.50.0 |
+| Name | Version |
+| ------------------------------------------------ | ------- |
+| [aws](#provider_aws) | 4.50.0 |
## Modules
-| Name | Source | Version |
-|------|--------|---------|
-| [app\_cluster](#module\_app\_cluster) | ../app-cluster | n/a |
-| [auth](#module\_auth) | ../auth | n/a |
-| [data\_workflow](#module\_data\_workflow) | ../data-workflow | n/a |
-| [ui](#module\_ui) | ../ui | n/a |
+| Name | Source | Version |
+| -------------------------------------------------------------------------- | ---------------- | ------- |
+| [app_cluster](#module_app_cluster) | ../app-cluster | n/a |
+| [auth](#module_auth) | ../auth | n/a |
+| [data_workflow](#module_data_workflow) | ../data-workflow | n/a |
+| [ui](#module_ui) | ../ui | n/a |
## Resources
-| Name | Type |
-|------|------|
-| [aws_s3_bucket.logs](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket) | resource |
-| [aws_s3_bucket.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket) | resource |
-| [aws_s3_bucket_policy.log_bucket_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy) | resource |
+| Name | Type |
+| --------------------------------------------------------------------------------------------------------------------------------------------------- | -------- |
+| [aws_s3_bucket.logs](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket) | resource |
+| [aws_s3_bucket.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket) | resource |
+| [aws_s3_bucket_policy.log_bucket_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy) | resource |
| [aws_s3_bucket_public_access_block.logs](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_public_access_block) | resource |
| [aws_s3_bucket_public_access_block.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_public_access_block) | resource |
## Inputs
-| Name | Description | Type | Default | Required |
-|------|-------------|------|---------|:--------:|
-| [allowed\_email\_domains](#input\_allowed\_email\_domains) | List of allowed emails domains that can be associated with users | `string` | n/a | yes |
-| [app-replica-count-desired](#input\_app-replica-count-desired) | The desired number of replicas of the app | `number` | `1` | no |
-| [app-replica-count-max](#input\_app-replica-count-max) | The maximum desired number of replicas of the app | `number` | `2` | no |
-| [application\_version](#input\_application\_version) | The version number for the application image (e.g.: v1.0.4, v1.0.x-latest, etc.) | `string` | `"v6.0.1"` | no |
-| [aws\_account](#input\_aws\_account) | AWS Account number to host the rAPId service | `string` | n/a | yes |
-| [aws\_region](#input\_aws\_region) | The region of the AWS Account for the rAPId service | `string` | n/a | yes |
-| [catalog\_disabled](#input\_catalog\_disabled) | Optional value on whether to disable the internal rAPId data catalog | `bool` | `false` | no |
-| [certificate\_validation\_arn](#input\_certificate\_validation\_arn) | Arn of the certificate used by the domain | `string` | `""` | no |
-| [domain\_name](#input\_domain\_name) | Domain name for the rAPId instance | `string` | n/a | yes |
-| [ecs\_cluster\_arn](#input\_ecs\_cluster\_arn) | ECS cliuster arn to attach the rAPId api to | `string` | `null` | no |
-| [ecs\_cluster\_id](#input\_ecs\_cluster\_id) | ECS cluster id to attach the rAPId api to | `string` | `null` | no |
-| [ecs\_cluster\_name](#input\_ecs\_cluster\_name) | ECS cluster name to attach the rAPId api to | `string` | `null` | no |
-| [enable\_cloudtrail](#input\_enable\_cloudtrail) | Whether to enable the logging of db events to CloudTrail | `bool` | `true` | no |
-| [hosted\_zone\_id](#input\_hosted\_zone\_id) | Hosted Zone ID with the domain Name Servers, pass quotes to create a new one from scratch | `string` | `""` | no |
-| [ip\_whitelist](#input\_ip\_whitelist) | A list of IPs to whitelist for access to the service | `list(string)` | n/a | yes |
-| [password\_policy](#input\_password\_policy) | The Cognito pool password policy |
object({ minimum_length = number require_lowercase = bool require_numbers = bool require_symbols = bool require_uppercase = bool temporary_password_validity_days = number })
| no |
-| [private\_subnet\_ids\_list](#input\_private\_subnet\_ids\_list) | A list of private subnets from each organisation network config | `list(string)` | n/a | yes |
-| [public\_subnet\_ids\_list](#input\_public\_subnet\_ids\_list) | A list of public subnets from the VPC config | `list(string)` | n/a | yes |
-| [rapid\_ecr\_url](#input\_rapid\_ecr\_url) | ECR Url for task definition | `string` | `"public.ecr.aws/no10-rapid/api"` | no |
-| [resource-name-prefix](#input\_resource-name-prefix) | organization prefix of for naming | `string` | n/a | yes |
-| [support\_emails\_for\_cloudwatch\_alerts](#input\_support\_emails\_for\_cloudwatch\_alerts) | List of emails that will receive alerts from CloudWatch | `list(string)` | n/a | yes |
-| [tags](#input\_tags) | A common map of tags for all VPC resources that are created (for e.g. billing purposes) | `map(string)` |
{ "Resource": "data-f1-rapid" }
| no |
-| [ui\_version](#input\_ui\_version) | The version number for the static ui (e.g.: v1.0.0, etc.) | `string` | `"v6.0.1"` | no |
-| [us\_east\_certificate\_validation\_arn](#input\_us\_east\_certificate\_validation\_arn) | Arn of the certificate used by Cloudfront. Please note this has to live in us-east-1. | `string` | `""` | no |
-| [vpc\_id](#input\_vpc\_id) | The ID of the multihost VPC | `string` | n/a | yes |
+| Name | Description | Type | Default | Required |
+| --------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | :------: |
+| [allowed_email_domains](#input_allowed_email_domains) | List of allowed emails domains that can be associated with users | `string` | n/a | yes |
+| [app-replica-count-desired](#input_app-replica-count-desired) | The desired number of replicas of the app | `number` | `1` | no |
+| [app-replica-count-max](#input_app-replica-count-max) | The maximum desired number of replicas of the app | `number` | `2` | no |
+| [application_version](#input_application_version) | The version number for the application image (e.g.: v1.0.4, v1.0.x-latest, etc.) | `string` | `"v6.0.1"` | no |
+| [aws_account](#input_aws_account) | AWS Account number to host the rAPId service | `string` | n/a | yes |
+| [aws_region](#input_aws_region) | The region of the AWS Account for the rAPId service | `string` | n/a | yes |
+| [catalog_disabled](#input_catalog_disabled) | Optional value on whether to disable the internal rAPId data catalog | `bool` | `false` | no |
+| [certificate_validation_arn](#input_certificate_validation_arn) | Arn of the certificate used by the domain | `string` | `""` | no |
+| [domain_name](#input_domain_name) | Domain name for the rAPId instance | `string` | n/a | yes |
+| [ecs_cluster_arn](#input_ecs_cluster_arn) | ECS cliuster arn to attach the rAPId api to | `string` | `null` | no |
+| [ecs_cluster_id](#input_ecs_cluster_id) | ECS cluster id to attach the rAPId api to | `string` | `null` | no |
+| [ecs_cluster_name](#input_ecs_cluster_name) | ECS cluster name to attach the rAPId api to | `string` | `null` | no |
+| [enable_cloudtrail](#input_enable_cloudtrail) | Whether to enable the logging of db events to CloudTrail | `bool` | `true` | no |
+| [hosted_zone_id](#input_hosted_zone_id) | Hosted Zone ID with the domain Name Servers, pass quotes to create a new one from scratch | `string` | `""` | no |
+| [ip_whitelist](#input_ip_whitelist) | A list of IPs to whitelist for access to the service | `list(string)` | n/a | yes |
+| [password_policy](#input_password_policy) | The Cognito pool password policy |
object({ minimum_length = number require_lowercase = bool require_numbers = bool require_symbols = bool require_uppercase = bool temporary_password_validity_days = number })
| no |
+| [private_subnet_ids_list](#input_private_subnet_ids_list) | A list of private subnets from each organisation network config | `list(string)` | n/a | yes |
+| [public_subnet_ids_list](#input_public_subnet_ids_list) | A list of public subnets from the VPC config | `list(string)` | n/a | yes |
+| [rapid_ecr_url](#input_rapid_ecr_url) | ECR Url for task definition | `string` | `"public.ecr.aws/no10-rapid/api"` | no |
+| [resource-name-prefix](#input_resource-name-prefix) | organization prefix of for naming | `string` | n/a | yes |
+| [support_emails_for_cloudwatch_alerts](#input_support_emails_for_cloudwatch_alerts) | List of emails that will receive alerts from CloudWatch | `list(string)` | n/a | yes |
+| [tags](#input_tags) | A common map of tags for all VPC resources that are created (for e.g. billing purposes) | `map(string)` |
# Project rAPId
+
