feat: support authorization code flow #53
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
latest vscode version (may 2024) is not compatible with patched typescript from yarn - revert to 5.4.3 is a temp fix for now
github-actions
bot
added
user
Terraform Plan ('infra/resources/prod/westeurope') 📖Terraform Plan "Product for FIMS OpenId Provider APIs." -> null
- display_name = "IO FIMS OpenId Provider API" -> null
- id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-rg-internal/providers/Microsoft.ApiManagement/service/io-p-apim-v2-api/products/io-fims-openid-provider-api" -> null
- product_id = "io-fims-openid-provider-api" -> null
- published = true -> null
- resource_group_name = "io-p-rg-internal" -> null
- subscription_required = false -> null
- subscriptions_limit = 0 -> null
}
# module.apim.module.apim_product_fims_openid_provider.azurerm_api_management_product_policy.this[0] will be destroyed
# (because azurerm_api_management_product_policy.this is not in configuration)
- resource "azurerm_api_management_product_policy" "this" {
- api_management_name = "io-p-apim-v2-api" -> null
- id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-rg-internal/providers/Microsoft.ApiManagement/service/io-p-apim-v2-api/products/io-fims-openid-provider-api" -> null
- product_id = "io-fims-openid-provider-api" -> null
- resource_group_name = "io-p-rg-internal" -> null
- xml_content = <<-EOT
<policies>
<inbound>
<base />
</inbound>
<backend>
<base />
</backend>
<outbound>
<base />
</outbound>
<on-error>
<base />
</on-error>
</policies>
EOT -> null
}
# module.cosmos.module.comsosdb_sql_container_op_access_tokens.azurerm_cosmosdb_sql_container.this will be created
+ resource "azurerm_cosmosdb_sql_container" "this" {
+ account_name = "io-p-fims-cosmos"
+ database_name = "op"
+ default_ttl = -1
+ id = (known after apply)
+ name = "access-tokens"
+ partition_key_path = "/id"
+ resource_group_name = "io-p-fims-rg"
+ throughput = (known after apply)
}
# module.cosmos.module.comsosdb_sql_container_op_authorization_codes.azurerm_cosmosdb_sql_container.this will be created
+ resource "azurerm_cosmosdb_sql_container" "this" {
+ account_name = "io-p-fims-cosmos"
+ database_name = "op"
+ default_ttl = -1
+ id = (known after apply)
+ name = "authorization-codes"
+ partition_key_path = "/id"
+ resource_group_name = "io-p-fims-rg"
+ throughput = (known after apply)
}
# module.cosmos.module.comsosdb_sql_container_op_authorization_codes_by_id.azurerm_cosmosdb_sql_container.this will be created
+ resource "azurerm_cosmosdb_sql_container" "this" {
+ account_name = "io-p-fims-cosmos"
+ database_name = "op"
+ default_ttl = -1
+ id = (known after apply)
+ name = "granteds-by-grant-id"
+ partition_key_path = "/id"
+ resource_group_name = "io-p-fims-rg"
+ throughput = (known after apply)
}
# module.cosmos.module.comsosdb_sql_container_op_clients.azurerm_cosmosdb_sql_container.this will be created
+ resource "azurerm_cosmosdb_sql_container" "this" {
+ account_name = "io-p-fims-cosmos"
+ database_name = "op"
+ default_ttl = -1
+ id = (known after apply)
+ name = "clients"
+ partition_key_path = "/id"
+ resource_group_name = "io-p-fims-rg"
+ throughput = (known after apply)
}
# module.cosmos.module.comsosdb_sql_container_op_grants.azurerm_cosmosdb_sql_container.this will be created
+ resource "azurerm_cosmosdb_sql_container" "this" {
+ account_name = "io-p-fims-cosmos"
+ database_name = "op"
+ default_ttl = -1
+ id = (known after apply)
+ name = "grants"
+ partition_key_path = "/id"
+ resource_group_name = "io-p-fims-rg"
+ throughput = (known after apply)
}
# module.cosmos.module.comsosdb_sql_container_op_interactions.azurerm_cosmosdb_sql_container.this will be created
+ resource "azurerm_cosmosdb_sql_container" "this" {
+ account_name = "io-p-fims-cosmos"
+ database_name = "op"
+ default_ttl = -1
+ id = (known after apply)
+ name = "interactions"
+ partition_key_path = "/id"
+ resource_group_name = "io-p-fims-rg"
+ throughput = (known after apply)
}
# module.cosmos.module.comsosdb_sql_container_op_sessions.azurerm_cosmosdb_sql_container.this will be created
+ resource "azurerm_cosmosdb_sql_container" "this" {
+ account_name = "io-p-fims-cosmos"
+ database_name = "op"
+ default_ttl = -1
+ id = (known after apply)
+ name = "sessions"
+ partition_key_path = "/id"
+ resource_group_name = "io-p-fims-rg"
+ throughput = (known after apply)
}
# module.cosmos.module.comsosdb_sql_container_op_sessions_by_id.azurerm_cosmosdb_sql_container.this will be created
+ resource "azurerm_cosmosdb_sql_container" "this" {
+ account_name = "io-p-fims-cosmos"
+ database_name = "op"
+ default_ttl = -1
+ id = (known after apply)
+ name = "sessions-by-uid"
+ partition_key_path = "/id"
+ resource_group_name = "io-p-fims-rg"
+ throughput = (known after apply)
}
# module.cosmos.module.cosmosdb_database_fims.azurerm_cosmosdb_sql_database.this will be destroyed
# (because azurerm_cosmosdb_sql_database.this is not in configuration)
- resource "azurerm_cosmosdb_sql_database" "this" {
- account_name = "io-p-fims-cosmos" -> null
- id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-fims-rg/providers/Microsoft.DocumentDB/databaseAccounts/io-p-fims-cosmos/sqlDatabases/fims" -> null
- name = "fims" -> null
- resource_group_name = "io-p-fims-rg" -> null
}
# module.cosmos.module.cosmosdb_database_op.azurerm_cosmosdb_sql_database.this will be created
+ resource "azurerm_cosmosdb_sql_database" "this" {
+ account_name = "io-p-fims-cosmos"
+ id = (known after apply)
+ name = "op"
+ resource_group_name = "io-p-fims-rg"
+ throughput = (known after apply)
}
# module.web_apps.module.appservice_openid_provider.azurerm_app_service_virtual_network_swift_connection.app_service_virtual_network_swift_connection[0] will be destroyed
# (because azurerm_app_service_virtual_network_swift_connection.app_service_virtual_network_swift_connection is not in configuration)
- resource "azurerm_app_service_virtual_network_swift_connection" "app_service_virtual_network_swift_connection" {
- app_service_id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-fims-rg/providers/Microsoft.Web/sites/io-p-fims-openid-provider-app" -> null
- id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-fims-rg/providers/Microsoft.Web/sites/io-p-fims-openid-provider-app/config/virtualNetwork" -> null
- subnet_id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-rg-common/providers/Microsoft.Network/virtualNetworks/io-p-vnet-common/subnets/fims" -> null
}
# module.web_apps.module.appservice_openid_provider.azurerm_linux_web_app.this will be destroyed
# (because azurerm_linux_web_app.this is not in configuration)
- resource "azurerm_linux_web_app" "this" {
- app_settings = {
- "APPINSIGHTS_INSTRUMENTATIONKEY" = "ab45103a-cb4f-474b-933f-d802ed1082d5"
- "APPINSIGHTS_SAMPLING_PERCENTAGE" = "100"
- "APPLICATION_NAME" = "io-openid-provider"
- "AUTHENTICATION_COOKIE_KEY" = "X-IO-FIMS-Token"
- "COOKIES_KEY" = (sensitive value)
- "COSMOSDB_NAME" = "fims"
- "COSMOSDB_URI" = "https://io-p-fims-cosmos.documents.azure.com:443/"
- "DEFAULT_REQUEST_TIMEOUT_MS" = "10000"
- "ENABLE_FEATURE_REMEMBER_GRANT" = "true"
- "ENABLE_PROXY" = "true"
- "EXPRESS_SERVER_HOSTNAME" = "0.0.0.0"
- "FETCH_KEEPALIVE_ENABLED" = "true"
- "FETCH_KEEPALIVE_FREE_SOCKET_TIMEOUT" = "30000"
- "FETCH_KEEPALIVE_MAX_FREE_SOCKETS" = "10"
- "FETCH_KEEPALIVE_MAX_SOCKETS" = "128"
- "FETCH_KEEPALIVE_SOCKET_ACTIVE_TTL" = "110000"
- "FETCH_KEEPALIVE_TIMEOUT" = "60000"
- "GRANT_TTL_IN_SECONDS" = "86400"
- "IO_BACKEND_BASE_URL" = "https://api-app.io.pagopa.it"
- "ISSUER" = "https://io-p-fims-oidc-provider-app.azurewebsites.net"
- "JWK_PRIMARY" = (sensitive value)
- "LOG_LEVEL" = "debug"
- "NODE_ENV" = "production"
- "PORT" = "3000"
- "VERSION" = "0.0.1"
- "WEBSITE_ADD_SITENAME_BINDINGS_IN_APPHOST_CONFIG" = "1"
- "WEBSITE_DNS_SERVER" = "168.63.129.16"
- "WEBSITE_RUN_FROM_PACKAGE" = "1"
} -> null
- client_affinity_enabled = false -> null
- client_certificate_enabled = false -> null
- client_certificate_mode = "Required" -> null
- custom_domain_verification_id = (sensitive value) -> null
- default_hostname = "io-p-fims-openid-provider-app.azurewebsites.net" -> null
- enabled = true -> null
- ftp_publish_basic_authentication_enabled = true -> null
- https_only = true -> null
- id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-fims-rg/providers/Microsoft.Web/sites/io-p-fims-openid-provider-app" -> null
- key_vault_reference_identity_id = "SystemAssigned" -> null
- kind = "app,linux" -> null
- location = "westeurope" -> null
- name = "io-p-fims-openid-provider-app" -> null
- outbound_ip_address_list = [
- "20.126.179.205",
- "20.31.96.104",
- "20.31.97.43",
- "20.31.100.30",
- "20.31.102.16",
- "20.31.102.144",
- "20.82.8.153",
- "20.82.9.47",
- "20.82.14.107",
- "20.82.15.76",
- "20.93.216.26",
- "20.93.219.246",
- "20.105.224.41",
] -> null
- outbound_ip_addresses = "20.126.179.205,20.31.96.104,20.31.97.43,20.31.100.30,20.31.102.16,20.31.102.144,20.82.8.153,20.82.9.47,20.82.14.107,20.82.15.76,20.93.216.26,20.93.219.246,20.105.224.41" -> null
- possible_outbound_ip_address_list = [
- "20.126.179.205",
- "20.31.96.104",
- "20.31.97.43",
- "20.31.100.30",
- "20.31.102.16",
- "20.31.102.144",
- "20.82.8.153",
- "20.82.9.47",
- "20.82.14.107",
- "20.82.15.76",
- "20.93.216.26",
- "20.93.219.246",
- "20.93.223.48",
- "20.103.172.120",
- "20.103.173.68",
- "20.103.173.81",
- "20.103.173.195",
- "20.103.174.46",
- "20.103.175.4",
- "20.103.175.82",
- "20.103.175.235",
- "20.126.176.154",
- "20.126.177.227",
- "20.126.178.113",
- "20.126.179.205",
- "20.31.96.104",
- "20.31.97.43",
- "20.31.100.30",
- "20.31.102.16",
- "20.31.102.144",
- "20.31.102.208",
- "20.31.102.224",
- "20.31.103.40",
- "20.31.103.175",
- "20.238.144.24",
- "20.238.144.72",
- "20.105.224.41",
] -> null
- possible_outbound_ip_addresses = "20.126.179.205,20.31.96.104,20.31.97.43,20.31.100.30,20.31.102.16,20.31.102.144,20.82.8.153,20.82.9.47,20.82.14.107,20.82.15.76,20.93.216.26,20.93.219.246,20.93.223.48,20.103.172.120,20.103.173.68,20.103.173.81,20.103.173.195,20.103.174.46,20.103.175.4,20.103.175.82,20.103.175.235,20.126.176.154,20.126.177.227,20.126.178.113,20.126.179.205,20.31.96.104,20.31.97.43,20.31.100.30,20.31.102.16,20.31.102.144,20.31.102.208,20.31.102.224,20.31.103.40,20.31.103.175,20.238.144.24,20.238.144.72,20.105.224.41" -> null
- public_network_access_enabled = true -> null
- resource_group_name = "io-p-fims-rg" -> null
- service_plan_id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-fims-rg/providers/Microsoft.Web/serverFarms/io-p-fims-openid-provider-plan" -> null
- site_credential = (sensitive value) -> null
- tags = {
- "CostCenter" = "TS310 - PAGAMENTI & SERVIZI"
- "CreatedBy" = "Terraform"
- "Environment" = "Prod"
- "Owner" = "IO Comunicazione"
- "Source" = "https://github.com/pagopa/io-fims/blob/main/infra/prod/westeurope"
} -> null
- virtual_network_subnet_id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-rg-common/providers/Microsoft.Network/virtualNetworks/io-p-vnet-common/subnets/fims" -> null
- webdeploy_publish_basic_authentication_enabled = true -> null
- identity {
- identity_ids = [] -> null
- principal_id = "28946f41-3e14-46bc-a40b-4e2065cbcaeb" -> null
- tenant_id = "7788edaf-0346-4068-9d79-c868aed15b3d" -> null
- type = "SystemAssigned" -> null
}
- site_config {
- always_on = true -> null
- app_command_line = "node ." -> null
- auto_heal_enabled = false -> null
- container_registry_use_managed_identity = false -> null
- default_documents = [
- "Default.htm",
- "Default.html",
- "Default.asp",
- "index.htm",
- "index.html",
- "iisstart.htm",
- "default.aspx",
- "index.php",
- "hostingstart.html",
] -> null
- detailed_error_logging_enabled = false -> null
- ftps_state = "Disabled" -> null
- health_check_eviction_time_in_min = 3 -> null
- health_check_path = "/info" -> null
- http2_enabled = true -> null
- linux_fx_version = "NODE|20-lts" -> null
- load_balancing_mode = "LeastRequests" -> null
- local_mysql_enabled = false -> null
- managed_pipeline_mode = "Integrated" -> null
- minimum_tls_version = "1.2" -> null
- remote_debugging_enabled = false -> null
- remote_debugging_version = "VS2019" -> null
- scm_minimum_tls_version = "1.2" -> null
- scm_type = "None" -> null
- scm_use_main_ip_restriction = false -> null
- use_32_bit_worker = false -> null
- vnet_route_all_enabled = true -> null
- websockets_enabled = false -> null
- worker_count = 1 -> null
- application_stack {
- node_version = "20-lts" -> null
}
- ip_restriction {
- action = "Allow" -> null
- headers = [] -> null
- name = "rule" -> null
- priority = 65000 -> null
- virtual_network_subnet_id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-rg-common/providers/Microsoft.Network/virtualNetworks/io-p-vnet-common/subnets/io-p-appgateway-snet" -> null
}
- ip_restriction {
- action = "Allow" -> null
- headers = [] -> null
- name = "rule" -> null
- priority = 65000 -> null
- virtual_network_subnet_id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-rg-common/providers/Microsoft.Network/virtualNetworks/io-p-vnet-common/subnets/apimv2api" -> null
}
- ip_restriction {
- action = "Allow" -> null
- headers = [] -> null
- name = "rule" -> null
- priority = 65000 -> null
- virtual_network_subnet_id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-rg-common/providers/Microsoft.Network/virtualNetworks/io-p-vnet-common/subnets/io-p-appgateway-snet" -> null
}
- ip_restriction {
- action = "Allow" -> null
- headers = [] -> null
- name = "rule" -> null
- priority = 65000 -> null
- virtual_network_subnet_id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-rg-common/providers/Microsoft.Network/virtualNetworks/io-p-vnet-common/subnets/apimv2api" -> null
}
}
}
# module.web_apps.module.appservice_openid_provider.azurerm_service_plan.this[0] will be destroyed
# (because azurerm_service_plan.this is not in configuration)
- resource "azurerm_service_plan" "this" {
- id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-fims-rg/providers/Microsoft.Web/serverFarms/io-p-fims-openid-provider-plan" -> null
- kind = "linux" -> null
- location = "westeurope" -> null
- maximum_elastic_worker_count = 1 -> null
- name = "io-p-fims-openid-provider-plan" -> null
- os_type = "Linux" -> null
- per_site_scaling_enabled = false -> null
- reserved = true -> null
- resource_group_name = "io-p-fims-rg" -> null
- sku_name = "S1" -> null
- tags = {
- "CostCenter" = "TS310 - PAGAMENTI & SERVIZI"
- "CreatedBy" = "Terraform"
- "Environment" = "Prod"
- "Owner" = "IO Comunicazione"
- "Source" = "https://github.com/pagopa/io-fims/blob/main/infra/prod/westeurope"
} -> null
- worker_count = 1 -> null
- zone_balancing_enabled = false -> null
}
# module.web_apps.module.appservice_openid_provider_staging.azurerm_app_service_slot_virtual_network_swift_connection.app_service_virtual_network_swift_connection[0] will be destroyed
# (because azurerm_app_service_slot_virtual_network_swift_connection.app_service_virtual_network_swift_connection is not in configuration)
- resource "azurerm_app_service_slot_virtual_network_swift_connection" "app_service_virtual_network_swift_connection" {
- app_service_id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-fims-rg/providers/Microsoft.Web/sites/io-p-fims-openid-provider-app" -> null
- id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-fims-rg/providers/Microsoft.Web/sites/io-p-fims-openid-provider-app/slots/staging/config/virtualNetwork" -> null
- slot_name = "staging" -> null
- subnet_id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-rg-common/providers/Microsoft.Network/virtualNetworks/io-p-vnet-common/subnets/fims" -> null
}
# module.web_apps.module.appservice_openid_provider_staging.azurerm_linux_web_app_slot.this will be destroyed
# (because azurerm_linux_web_app_slot.this is not in configuration)
- resource "azurerm_linux_web_app_slot" "this" {
- app_metadata = {} -> null
- app_service_id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-fims-rg/providers/Microsoft.Web/sites/io-p-fims-openid-provider-app" -> null
- app_settings = {
- "APPINSIGHTS_INSTRUMENTATIONKEY" = "ab45103a-cb4f-474b-933f-d802ed1082d5"
- "APPINSIGHTS_SAMPLING_PERCENTAGE" = "100"
- "APPLICATION_NAME" = "io-openid-provider"
- "AUTHENTICATION_COOKIE_KEY" = "X-IO-FIMS-Token"
- "COOKIES_KEY" = (sensitive value)
- "COSMOSDB_NAME" = "fims"
- "COSMOSDB_URI" = "https://io-p-fims-cosmos.documents.azure.com:443/"
- "DEFAULT_REQUEST_TIMEOUT_MS" = "10000"
- "ENABLE_FEATURE_REMEMBER_GRANT" = "true"
- "ENABLE_PROXY" = "true"
- "EXPRESS_SERVER_HOSTNAME" = "0.0.0.0"
- "FETCH_KEEPALIVE_ENABLED" = "true"
- "FETCH_KEEPALIVE_FREE_SOCKET_TIMEOUT" = "30000"
- "FETCH_KEEPALIVE_MAX_FREE_SOCKETS" = "10"
- "FETCH_KEEPALIVE_MAX_SOCKETS" = "128"
- "FETCH_KEEPALIVE_SOCKET_ACTIVE_TTL" = "110000"
- "FETCH_KEEPALIVE_TIMEOUT" = "60000"
- "GRANT_TTL_IN_SECONDS" = "86400"
- "IO_BACKEND_BASE_URL" = "https://api-app.io.pagopa.it"
- "ISSUER" = "https://io-p-fims-oidc-provider-app.azurewebsites.net"
- "JWK_PRIMARY" = (sensitive value)
- "LOG_LEVEL" = "debug"
- "NODE_ENV" = "production"
- "PORT" = "3000"
- "VERSION" = "0.0.1"
- "WEBSITE_ADD_SITENAME_BINDINGS_IN_APPHOST_CONFIG" = "1"
- "WEBSITE_DNS_SERVER" = "168.63.129.16"
- "WEBSITE_RUN_FROM_PACKAGE" = "1"
} -> null
- client_affinity_enabled = false -> null
- client_certificate_enabled = false -> null
- client_certificate_mode = "Required" -> null
- custom_domain_verification_id = (sensitive value) -> null
- default_hostname = "io-p-fims-openid-provider-app-staging.azurewebsites.net" -> null
- enabled = true -> null
- ftp_publish_basic_authentication_enabled = true -> null
- https_only = true -> null
- id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-fims-rg/providers/Microsoft.Web/sites/io-p-fims-openid-provider-app/slots/staging" -> null
- key_vault_reference_identity_id = "SystemAssigned" -> null
- kind = "app,linux" -> null
- name = "staging" -> null
- outbound_ip_address_list = [
- "20.126.179.205",
- "20.31.96.104",
- "20.31.97.43",
- "20.31.100.30",
- "20.31.102.16",
- "20.31.102.144",
- "20.82.8.153",
- "20.82.9.47",
- "20.82.14.107",
- "20.82.15.76",
- "20.93.216.26",
- "20.93.219.246",
- "20.105.224.41",
] -> null
- outbound_ip_addresses = "20.126.179.205,20.31.96.104,20.31.97.43,20.31.100.30,20.31.102.16,20.31.102.144,20.82.8.153,20.82.9.47,20.82.14.107,20.82.15.76,20.93.216.26,20.93.219.246,20.105.224.41" -> null
- possible_outbound_ip_address_list = [
- "20.126.179.205",
- "20.31.96.104",
- "20.31.97.43",
- "20.31.100.30",
- "20.31.102.16",
- "20.31.102.144",
- "20.82.8.153",
- "20.82.9.47",
- "20.82.14.107",
- "20.82.15.76",
- "20.93.216.26",
- "20.93.219.246",
- "20.93.223.48",
- "20.103.172.120",
- "20.103.173.68",
- "20.103.173.81",
- "20.103.173.195",
- "20.103.174.46",
- "20.103.175.4",
- "20.103.175.82",
- "20.103.175.235",
- "20.126.176.154",
- "20.126.177.227",
- "20.126.178.113",
- "20.126.179.205",
- "20.31.96.104",
- "20.31.97.43",
- "20.31.100.30",
- "20.31.102.16",
- "20.31.102.144",
- "20.31.102.208",
- "20.31.102.224",
- "20.31.103.40",
- "20.31.103.175",
- "20.238.144.24",
- "20.238.144.72",
- "20.105.224.41",
] -> null
- possible_outbound_ip_addresses = "20.126.179.205,20.31.96.104,20.31.97.43,20.31.100.30,20.31.102.16,20.31.102.144,20.82.8.153,20.82.9.47,20.82.14.107,20.82.15.76,20.93.216.26,20.93.219.246,20.93.223.48,20.103.172.120,20.103.173.68,20.103.173.81,20.103.173.195,20.103.174.46,20.103.175.4,20.103.175.82,20.103.175.235,20.126.176.154,20.126.177.227,20.126.178.113,20.126.179.205,20.31.96.104,20.31.97.43,20.31.100.30,20.31.102.16,20.31.102.144,20.31.102.208,20.31.102.224,20.31.103.40,20.31.103.175,20.238.144.24,20.238.144.72,20.105.224.41" -> null
- public_network_access_enabled = true -> null
- site_credential = (sensitive value) -> null
- tags = {
- "CostCenter" = "TS310 - PAGAMENTI & SERVIZI"
- "CreatedBy" = "Terraform"
- "Environment" = "Prod"
- "Owner" = "IO Comunicazione"
- "Source" = "https://github.com/pagopa/io-fims/blob/main/infra/prod/westeurope"
} -> null
- virtual_network_subnet_id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-rg-common/providers/Microsoft.Network/virtualNetworks/io-p-vnet-common/subnets/fims" -> null
- webdeploy_publish_basic_authentication_enabled = true -> null
- identity {
- identity_ids = [] -> null
- principal_id = "e44cafda-ddee-4804-b1d4-22b3cc536a19" -> null
- tenant_id = "7788edaf-0346-4068-9d79-c868aed15b3d" -> null
- type = "SystemAssigned" -> null
}
- site_config {
- always_on = true -> null
- app_command_line = "node ." -> null
- auto_heal_enabled = false -> null
- container_registry_use_managed_identity = false -> null
- default_documents = [
- "Default.htm",
- "Default.html",
- "Default.asp",
- "index.htm",
- "index.html",
- "iisstart.htm",
- "default.aspx",
- "index.php",
- "hostingstart.html",
] -> null
- detailed_error_logging_enabled = false -> null
- ftps_state = "Disabled" -> null
- health_check_eviction_time_in_min = 0 -> null
- health_check_path = "/info" -> null
- http2_enabled = true -> null
- linux_fx_version = "NODE|20-lts" -> null
- load_balancing_mode = "LeastRequests" -> null
- local_mysql_enabled = false -> null
- managed_pipeline_mode = "Integrated" -> null
- minimum_tls_version = "1.2" -> null
- remote_debugging_enabled = false -> null
- remote_debugging_version = "VS2019" -> null
- scm_minimum_tls_version = "1.2" -> null
- scm_type = "None" -> null
- scm_use_main_ip_restriction = false -> null
- use_32_bit_worker = false -> null
- vnet_route_all_enabled = true -> null
- websockets_enabled = false -> null
- worker_count = 1 -> null
- application_stack {
- node_version = "20-lts" -> null
}
- ip_restriction {
- action = "Allow" -> null
- headers = [] -> null
- name = "rule" -> null
- priority = 65000 -> null
- virtual_network_subnet_id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-rg-common/providers/Microsoft.Network/virtualNetworks/io-p-vnet-common/subnets/azure-devops" -> null
}
- ip_restriction {
- action = "Allow" -> null
- headers = [] -> null
- name = "rule" -> null
- priority = 65000 -> null
- virtual_network_subnet_id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-rg-common/providers/Microsoft.Network/virtualNetworks/io-p-vnet-common/subnets/io-p-appgateway-snet" -> null
}
- ip_restriction {
- action = "Allow" -> null
- headers = [] -> null
- name = "rule" -> null
- priority = 65000 -> null
- virtual_network_subnet_id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-rg-common/providers/Microsoft.Network/virtualNetworks/io-p-vnet-common/subnets/apimv2api" -> null
}
}
}
# module.web_apps.module.op_func.azurerm_app_service_virtual_network_swift_connection.this[0] will be destroyed
# (because azurerm_app_service_virtual_network_swift_connection.this is not in configuration)
- resource "azurerm_app_service_virtual_network_swift_connection" "this" {
- app_service_id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-fims-rg/providers/Microsoft.Web/sites/io-p-fims-op-func" -> null
- id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-fims-rg/providers/Microsoft.Web/sites/io-p-fims-op-func/config/virtualNetwork" -> null
- subnet_id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-rg-common/providers/Microsoft.Network/virtualNetworks/io-p-vnet-common/subnets/fims" -> null
}
# module.web_apps.module.op_func.azurerm_linux_function_app.this will be destroyed
# (because azurerm_linux_function_app.this is not in configuration)
- resource "azurerm_linux_function_app" "this" {
- app_settings = {
- "APPINSIGHTS_SAMPLING_PERCENTAGE" = "5"
- "NODE_ENV" = "production"
- "SLOT_TASK_HUBNAME" = "ProductionTaskHub"
- "WEBSITE_ADD_SITENAME_BINDINGS_IN_APPHOST_CONFIG" = "1"
- "WEBSITE_DNS_SERVER" = "168.63.129.16"
- "WEBSITE_RUN_FROM_PACKAGE" = "1"
} -> null
- builtin_logging_enabled = false -> null
- client_certificate_enabled = false -> null
- client_certificate_mode = "Optional" -> null
- content_share_force_disabled = false -> null
- custom_domain_verification_id = (sensitive value) -> null
- daily_memory_time_quota = 0 -> null
- default_hostname = "io-p-fims-op-func.azurewebsites.net" -> null
- enabled = true -> null
- ftp_publish_basic_authentication_enabled = true -> null
- functions_extension_version = "~4" -> null
- https_only = true -> null
- id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-fims-rg/providers/Microsoft.Web/sites/io-p-fims-op-func" -> null
- key_vault_reference_identity_id = "SystemAssigned" -> null
- kind = "functionapp,linux" -> null
- location = "westeurope" -> null
- name = "io-p-fims-op-func" -> null
- outbound_ip_address_list = [
- "20.126.179.205",
- "20.31.96.104",
- "20.31.97.43",
- "20.31.100.30",
- "20.31.102.16",
- "20.31.102.144",
- "20.82.8.153",
- "20.82.9.47",
- "20.82.14.107",
- "20.82.15.76",
- "20.93.216.26",
- "20.93.219.246",
- "20.105.224.41",
] -> null
- outbound_ip_addresses = "20.126.179.205,20.31.96.104,20.31.97.43,20.31.100.30,20.31.102.16,20.31.102.144,20.82.8.153,20.82.9.47,20.82.14.107,20.82.15.76,20.93.216.26,20.93.219.246,20.105.224.41" -> null
- possible_outbound_ip_address_list = [
- "20.126.179.205",
- "20.31.96.104",
- "20.31.97.43",
- "20.31.100.30",
- "20.31.102.16",
- "20.31.102.144",
- "20.82.8.153",
- "20.82.9.47",
- "20.82.14.107",
- "20.82.15.76",
- "20.93.216.26",
- "20.93.219.246",
- "20.93.223.48",
- "20.103.172.120",
- "20.103.173.68",
- "20.103.173.81",
- "20.103.173.195",
- "20.103.174.46",
- "20.103.175.4",
- "20.103.175.82",
- "20.103.175.235",
- "20.126.176.154",
- "20.126.177.227",
- "20.126.178.113",
- "20.126.179.205",
- "20.31.96.104",
- "20.31.97.43",
- "20.31.100.30",
- "20.31.102.16",
- "20.31.102.144",
- "20.31.102.208",
- "20.31.102.224",
- "20.31.103.40",
- "20.31.103.175",
- "20.238.144.24",
- "20.238.144.72",
- "20.105.224.41",
] -> null
- possible_outbound_ip_addresses = "20.126.179.205,20.31.96.104,20.31.97.43,20.31.100.30,20.31.102.16,20.31.102.144,20.82.8.153,20.82.9.47,20.82.14.107,20.82.15.76,20.93.216.26,20.93.219.246,20.93.223.48,20.103.172.120,20.103.173.68,20.103.173.81,20.103.173.195,20.103.174.46,20.103.175.4,20.103.175.82,20.103.175.235,20.126.176.154,20.126.177.227,20.126.178.113,20.126.179.205,20.31.96.104,20.31.97.43,20.31.100.30,20.31.102.16,20.31.102.144,20.31.102.208,20.31.102.224,20.31.103.40,20.31.103.175,20.238.144.24,20.238.144.72,20.105.224.41" -> null
- public_network_access_enabled = true -> null
- resource_group_name = "io-p-fims-rg" -> null
- service_plan_id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-fims-rg/providers/Microsoft.Web/serverFarms/io-p-fims-openid-provider-plan" -> null
- site_credential = (sensitive value) -> null
- storage_account_access_key = (sensitive value) -> null
- storage_account_name = "iopfimsopfuncst" -> null
- storage_uses_managed_identity = false -> null
- tags = {
- "CostCenter" = "TS310 - PAGAMENTI & SERVIZI"
- "CreatedBy" = "Terraform"
- "Environment" = "Prod"
- "Owner" = "IO Comunicazione"
- "Source" = "https://github.com/pagopa/io-fims/blob/main/infra/prod/westeurope"
} -> null
- virtual_network_subnet_id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-rg-common/providers/Microsoft.Network/virtualNetworks/io-p-vnet-common/subnets/fims" -> null
- webdeploy_publish_basic_authentication_enabled = true -> null
- identity {
- identity_ids = [] -> null
- principal_id = "ddc4ded8-5a07-44fe-914e-78d382242838" -> null
- tenant_id = "7788edaf-0346-4068-9d79-c868aed15b3d" -> null
- type = "SystemAssigned" -> null
}
- site_config {
- always_on = true -> null
- app_scale_limit = 0 -> null
- application_insights_key = (sensitive value) -> null
- container_registry_use_managed_identity = false -> null
- default_documents = [
- "Default.htm",
- "Default.html",
- "Default.asp",
- "index.htm",
- "index.html",
- "iisstart.htm",
- "default.aspx",
- "index.php",
] -> null
- detailed_error_logging_enabled = false -> null
- elastic_instance_minimum = 0 -> null
- ftps_state = "Disabled" -> null
- health_check_eviction_time_in_min = 10 -> null
- health_check_path = "/health" -> null
- http2_enabled = true -> null
- linux_fx_version = "NODE|18" -> null
- load_balancing_mode = "LeastRequests" -> null
- managed_pipeline_mode = "Integrated" -> null
- minimum_tls_version = "1.2" -> null
- pre_warmed_instance_count = 1 -> null
- remote_debugging_enabled = false -> null
- runtime_scale_monitoring_enabled = false -> null
- scm_minimum_tls_version = "1.2" -> null
- scm_type = "None" -> null
- scm_use_main_ip_restriction = false -> null
- use_32_bit_worker = false -> null
- vnet_route_all_enabled = true -> null
- websockets_enabled = false -> null
- worker_count = 1 -> null
- application_stack {
- node_version = "18" -> null
- use_custom_runtime = false -> null
- use_dotnet_isolated_runtime = false -> null
}
}
- sticky_settings {
- app_setting_names = [
- "SLOT_TASK_HUBNAME",
] -> null
- connection_string_names = [] -> null
}
}
# module.web_apps.module.op_func.azurerm_monitor_metric_alert.function_app_health_check[0] will be destroyed
# (because azurerm_monitor_metric_alert.function_app_health_check is not in configuration)
- resource "azurerm_monitor_metric_alert" "function_app_health_check" {
- auto_mitigate = false -> null
- description = "Function availability is under threshold level. Runbook: -" -> null
- enabled = true -> null
- frequency = "PT5M" -> null
- id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-fims-rg/providers/Microsoft.Insights/metricAlerts/[io-p-fims-op-func] Health Check Failed" -> null
- name = "[io-p-fims-op-func] Health Check Failed" -> null
- resource_group_name = "io-p-fims-rg" -> null
- scopes = [
- "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-fims-rg/providers/Microsoft.Web/sites/io-p-fims-op-func",
] -> null
- severity = 1 -> null
- tags = {} -> null
- window_size = "PT5M" -> null
- criteria {
- aggregation = "Average" -> null
- metric_name = "HealthCheckStatus" -> null
- metric_namespace = "Microsoft.Web/sites" -> null
- operator = "LessThan" -> null
- skip_metric_validation = false -> null
- threshold = 50 -> null
}
}
# module.web_apps.module.op_func_staging_slot.azurerm_app_service_slot_virtual_network_swift_connection.this[0] will be destroyed
# (because azurerm_app_service_slot_virtual_network_swift_connection.this is not in configuration)
- resource "azurerm_app_service_slot_virtual_network_swift_connection" "this" {
- app_service_id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-fims-rg/providers/Microsoft.Web/sites/io-p-fims-op-func" -> null
- id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-fims-rg/providers/Microsoft.Web/sites/io-p-fims-op-func/slots/staging/config/virtualNetwork" -> null
- slot_name = "staging" -> null
- subnet_id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-rg-common/providers/Microsoft.Network/virtualNetworks/io-p-vnet-common/subnets/fims" -> null
}
# module.web_apps.module.op_func_staging_slot.azurerm_linux_function_app_slot.this will be destroyed
# (because azurerm_linux_function_app_slot.this is not in configuration)
- resource "azurerm_linux_function_app_slot" "this" {
- app_settings = {
- "APPINSIGHTS_SAMPLING_PERCENTAGE" = "5"
- "NODE_ENV" = "production"
- "SLOT_TASK_HUBNAME" = "StagingTaskHub"
- "WEBSITE_ADD_SITENAME_BINDINGS_IN_APPHOST_CONFIG" = "1"
- "WEBSITE_DNS_SERVER" = "168.63.129.16"
- "WEBSITE_RUN_FROM_PACKAGE" = "1"
} -> null
- builtin_logging_enabled = false -> null
- client_certificate_enabled = false -> null
- client_certificate_mode = "Optional" -> null
- content_share_force_disabled = false -> null
- custom_domain_verification_id = (sensitive value) -> null
- daily_memory_time_quota = 0 -> null
- default_hostname = "io-p-fims-op-func-staging.azurewebsites.net" -> null
- enabled = true -> null
- ftp_publish_basic_authentication_enabled = true -> null
- function_app_id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-fims-rg/providers/Microsoft.Web/sites/io-p-fims-op-func" -> null
- functions_extension_version = "~4" -> null
- https_only = true -> null
- id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-fims-rg/providers/Microsoft.Web/sites/io-p-fims-op-func/slots/staging" -> null
- key_vault_reference_identity_id = "SystemAssigned" -> null
- kind = "functionapp,linux" -> null
- name = "staging" -> null
- outbound_ip_address_list = [] -> null
- possible_outbound_ip_address_list = [] -> null
- public_network_access_enabled = true -> null
- site_credential = (sensitive value) -> null
- storage_account_access_key = (sensitive value) -> null
- storage_account_name = (sensitive value) -> null
- storage_uses_managed_identity = false -> null
- tags = {
- "CostCenter" = "TS310 - PAGAMENTI & SERVIZI"
- "CreatedBy" = "Terraform"
- "Environment" = "Prod"
- "Owner" = "IO Comunicazione"
- "Source" = "https://github.com/pagopa/io-fims/blob/main/infra/prod/westeurope"
} -> null
- virtual_network_subnet_id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-rg-common/providers/Microsoft.Network/virtualNetworks/io-p-vnet-common/subnets/fims" -> null
- webdeploy_publish_basic_authentication_enabled = true -> null
- site_config {
- always_on = true -> null
- app_scale_limit = 0 -> null
- application_insights_key = (sensitive value) -> null
- container_registry_use_managed_identity = false -> null
- default_documents = [
- "Default.htm",
- "Default.html",
- "Default.asp",
- "index.htm",
- "index.html",
- "iisstart.htm",
- "default.aspx",
- "index.php",
] -> null
- detailed_error_logging_enabled = false -> null
- elastic_instance_minimum = 0 -> null
- ftps_state = "Disabled" -> null
- health_check_eviction_time_in_min = 10 -> null
- health_check_path = "/health" -> null
- http2_enabled = true -> null
- linux_fx_version = "NODE|18" -> null
- load_balancing_mode = "LeastRequests" -> null
- managed_pipeline_mode = "Integrated" -> null
- minimum_tls_version = "1.2" -> null
- pre_warmed_instance_count = 1 -> null
- remote_debugging_enabled = false -> null
- runtime_scale_monitoring_enabled = false -> null
- scm_minimum_tls_version = "1.2" -> null
- scm_type = "None" -> null
- scm_use_main_ip_restriction = false -> null
- use_32_bit_worker = false -> null
- vnet_route_all_enabled = true -> null
- websockets_enabled = false -> null
- worker_count = 1 -> null
- application_stack {
- node_version = "18" -> null
- use_custom_runtime = false -> null
- use_dotnet_isolated_runtime = false -> null
}
}
}
# module.web_apps.module.op_func.module.storage_account.azurerm_advanced_threat_protection.this[0] will be destroyed
# (because azurerm_advanced_threat_protection.this is not in configuration)
- resource "azurerm_advanced_threat_protection" "this" {
- enabled = true -> null
- id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-fims-rg/providers/Microsoft.Storage/storageAccounts/iopfimsopfuncst/providers/Microsoft.Security/advancedThreatProtectionSettings/current" -> null
- target_resource_id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-fims-rg/providers/Microsoft.Storage/storageAccounts/iopfimsopfuncst" -> null
}
# module.web_apps.module.op_func.module.storage_account.azurerm_monitor_metric_alert.storage_account_low_availability[0] will be destroyed
# (because azurerm_monitor_metric_alert.storage_account_low_availability is not in configuration)
- resource "azurerm_monitor_metric_alert" "storage_account_low_availability" {
- auto_mitigate = false -> null
- description = "The average availability is less than 99.8%. Runbook: not needed." -> null
- enabled = true -> null
- frequency = "PT5M" -> null
- id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-fims-rg/providers/Microsoft.Insights/metricAlerts/[iopfimsopfuncst] Low Availability" -> null
- name = "[iopfimsopfuncst] Low Availability" -> null
- resource_group_name = "io-p-fims-rg" -> null
- scopes = [
- "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-fims-rg/providers/Microsoft.Storage/storageAccounts/iopfimsopfuncst",
] -> null
- severity = 0 -> null
- tags = {
- "CostCenter" = "TS310 - PAGAMENTI & SERVIZI"
- "CreatedBy" = "Terraform"
- "Environment" = "Prod"
- "Owner" = "IO Comunicazione"
- "Source" = "https://github.com/pagopa/io-fims/blob/main/infra/prod/westeurope"
} -> null
- window_size = "PT5M" -> null
- criteria {
- aggregation = "Average" -> null
- metric_name = "Availability" -> null
- metric_namespace = "Microsoft.Storage/storageAccounts" -> null
- operator = "LessThan" -> null
- skip_metric_validation = false -> null
- threshold = 99.8 -> null
}
}
# module.web_apps.module.op_func.module.storage_account.azurerm_storage_account.this will be destroyed
# (because azurerm_storage_account.this is not in configuration)
- resource "azurerm_storage_account" "this" {
- access_tier = "Hot" -> null
- account_kind = "StorageV2" -> null
- account_replication_type = "ZRS" -> null
- account_tier = "Standard" -> null
- allow_nested_items_to_be_public = false -> null
- cross_tenant_replication_enabled = false -> null
- default_to_oauth_authentication = false -> null
- enable_https_traffic_only = true -> null
- id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-fims-rg/providers/Microsoft.Storage/storageAccounts/iopfimsopfuncst" -> null
- infrastructure_encryption_enabled = false -> null
- is_hns_enabled = false -> null
- local_user_enabled = true -> null
- location = "westeurope" -> null
- min_tls_version = "TLS1_2" -> null
- name = "iopfimsopfuncst" -> null
- nfsv3_enabled = false -> null
- primary_access_key = (sensitive value) -> null
- primary_blob_connection_string = (sensitive value) -> null
- primary_blob_endpoint = "https://iopfimsopfuncst.blob.core.windows.net/" -> null
- primary_blob_host = "iopfimsopfuncst.blob.core.windows.net" -> null
- primary_connection_string = (sensitive value) -> null
- primary_dfs_endpoint = "https://iopfimsopfuncst.dfs.core.windows.net/" -> null
- primary_dfs_host = "iopfimsopfuncst.dfs.core.windows.net" -> null
- primary_file_endpoint = "https://iopfimsopfuncst.file.core.windows.net/" -> null
- primary_file_host = "iopfimsopfuncst.file.core.windows.net" -> null
- primary_location = "westeurope" -> null
- primary_queue_endpoint = "https://iopfimsopfuncst.queue.core.windows.net/" -> null
- primary_queue_host = "iopfimsopfuncst.queue.core.windows.net" -> null
- primary_table_endpoint = "https://iopfimsopfuncst.table.core.windows.net/" -> null
- primary_table_host = "iopfimsopfuncst.table.core.windows.net" -> null
- primary_web_endpoint = "https://iopfimsopfuncst.z6.web.core.windows.net/" -> null
- primary_web_host = "iopfimsopfuncst.z6.web.core.windows.net" -> null
- public_network_access_enabled = true -> null
- queue_encryption_key_type = "Service" -> null
- resource_group_name = "io-p-fims-rg" -> null
- secondary_access_key = (sensitive value) -> null
- secondary_connection_string = (sensitive value) -> null
- sftp_enabled = false -> null
- shared_access_key_enabled = true -> null
- table_encryption_key_type = "Service" -> null
- tags = {
- "CostCenter" = "TS310 - PAGAMENTI & SERVIZI"
- "CreatedBy" = "Terraform"
- "Environment" = "Prod"
- "Owner" = "IO Comunicazione"
- "Source" = "https://github.com/pagopa/io-fims/blob/main/infra/prod/westeurope"
} -> null
- blob_properties {
- change_feed_enabled = false -> null
- change_feed_retention_in_days = 0 -> null
- last_access_time_enabled = false -> null
- versioning_enabled = false -> null
}
- network_rules {
- bypass = [
- "AzureServices",
] -> null
- default_action = "Allow" -> null
- ip_rules = [] -> null
- virtual_network_subnet_ids = [] -> null
}
- queue_properties {
- hour_metrics {
- enabled = true -> null
- include_apis = true -> null
- retention_policy_days = 7 -> null
- version = "1.0" -> null
}
- logging {
- delete = false -> null
- read = false -> null
- retention_policy_days = 0 -> null
- version = "1.0" -> null
- write = false -> null
}
- minute_metrics {
- enabled = false -> null
- include_apis = false -> null
- retention_policy_days = 0 -> null
- version = "1.0" -> null
}
}
- share_properties {
- retention_policy {
- days = 7 -> null
}
}
}
Plan: 9 to add, 1 to change, 29 to destroy.
Changes to Outputs:
- apim = {
- id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-rg-internal/providers/Microsoft.ApiManagement/service/io-p-apim-v2-api"
- name = "io-p-apim-v2-api"
} -> null
- app_service_openid_provider = {
- id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-fims-rg/providers/Microsoft.Web/sites/io-p-fims-openid-provider-app"
- name = "io-p-fims-openid-provider-app"
} -> null
- cosmos_fims = {
- account = {
- id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-fims-rg/providers/Microsoft.DocumentDB/databaseAccounts/io-p-fims-cosmos"
- name = "io-p-fims-cosmos"
}
- database = {
- id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-fims-rg/providers/Microsoft.DocumentDB/databaseAccounts/io-p-fims-cosmos/sqlDatabases/fims"
- name = "fims"
}
} -> null
- resource_group_fims = {
- id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-fims-rg"
- name = "io-p-fims-rg"
} -> null
Warning: Argument is deprecated
with module.key_vaults.module.key_vault.azurerm_monitor_diagnostic_setting.key_vault,
on .terraform/modules/key_vaults.key_vault/key_vault/main.tf line 55, in resource "azurerm_monitor_diagnostic_setting" "key_vault":
55: resource "azurerm_monitor_diagnostic_setting" "key_vault" {
`retention_policy` has been deprecated in favor of
`azurerm_storage_management_policy` resource - to learn more
https://aka.ms/diagnostic_settings_log_retention
(and 2 more similar warnings elsewhere)
─────────────────────────────────────────────────────────────────────────────
Note: You didn't use the -out option to save this plan, so Terraform can't
guarantee to take exactly these actions if you run "terraform apply" now.
|
github-actions
bot
added
the
external-interface-changes
lucacavallaro
force-pushed
the
IOCOM-1334-auth-code-flow
branch
from
71893ee to
a20f9f6
Compare
Garma00
reviewed
May 20, 2024
apps/op-app/src/adapters/outbound/cosmos/oidc/grantable-adapter.ts
Outdated
Show resolved
Hide resolved
apps/op-app/src/adapters/outbound/cosmos/oidc/session-adapter.ts
Outdated
Show resolved
Hide resolved
lucacavallaro
force-pushed
the
IOCOM-1334-auth-code-flow
branch
from
a20f9f6 to
0fb5a02
Compare
lucacavallaro
force-pushed
the
IOCOM-1334-auth-code-flow
branch
from
0fb5a02 to
eced103
Compare
lucacavallaro
force-pushed
the
IOCOM-1334-auth-code-flow
branch
from
eced103 to
933f9ac
Compare
Done in afa45c1 ✅ |
Garma00
approved these changes
May 20, 2024
lucacavallaro
force-pushed
the
IOCOM-1334-auth-code-flow
branch
from
b345f39 to
057c5f0
Compare
lucacavallaro
force-pushed
the
IOCOM-1334-auth-code-flow
branch
from
057c5f0 to
cc545e0
Compare
lucacavallaro
force-pushed
the
IOCOM-1334-auth-code-flow
branch
from
cc545e0 to
a4ab0f8
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
List of changes
op-appworkspace, that expose an express application withoidc-providerconfigured to enable the Authentication Code Flowoidc-provideradapter for persistence to use only Cosmos Point Reads instead of cross-partition-query and non-efficient lookups.fp-tsabstractions overoidc-provideropenid-providerworkspaceWhat's missing
consentandloginscreens, they will be implemented in subsequents changes (we could not use the old consent screen because it is web-based. Our now flow has a native consent screen).Motivation and context
Our
oidc-providerimplementation was tied to Implicit Flow that is no longer recommended.Type of changes
Env to apply
Does this introduce a change to production resources with possible user impact?
Does this introduce an unwanted change on infrastructure? Check terraform plan execution result
Other information
If PR is partially applied, why? (reserved to mantainers)