Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove unused code for person_table in dynamo.tf #2

Merged
merged 1 commit into from
Jan 26, 2024
Merged

Remove unused code for person_table in dynamo.tf #2

merged 1 commit into from
Jan 26, 2024

Conversation

FloRul
Copy link
Owner

@FloRul FloRul commented Jan 26, 2024

No description provided.

@FloRul FloRul merged commit f8ae7ad into main Jan 26, 2024
1 check passed
@github-actions GitHub Actions
Copy link

Terraform Format and Style 🖌success

Terraform Initialization ⚙️success

Terraform Validation 🤖success

Validation Output 

Success! The configuration is valid.

Terraform Plan 📖success

Show Plan 

terraform
module.memory.module.lambda_function_container_image.data.aws_iam_policy_document.assume_role[0]: Reading...
module.ingestion.module.lambda_function_container_image.data.aws_caller_identity.current: Reading...
module.memory.module.lambda_function_container_image.data.aws_caller_identity.current: Reading...
module.inference.module.lambda_function_container_image.data.aws_region.current: Reading...
data.aws_ami.latest_amazon_linux: Reading...
module.ingestion.module.lambda_function_container_image.data.aws_region.current: Reading...
module.memory.module.lambda_function_container_image.data.aws_iam_policy_document.additional_inline[0]: Reading...
module.ingestion.module.lambda_function_container_image.data.aws_region.current: Read complete after 0s [id=us-east-1]
module.memory.module.lambda_function_container_image.data.aws_partition.current: Reading...
module.inference.module.lambda_function_container_image.data.aws_region.current: Read complete after 0s [id=us-east-1]
module.memory.module.lambda_function_container_image.data.aws_iam_policy_document.assume_role[0]: Read complete after 0s [id=2690255455]
module.memory.module.lambda_function_container_image.data.aws_partition.current: Read complete after 0s [id=aws]
module.memory.module.lambda_function_container_image.data.aws_region.current: Reading...
module.memory.module.lambda_function_container_image.data.aws_iam_policy_document.additional_inline[0]: Read complete after 0s [id=3277652423]
data.aws_availability_zones.available: Reading...
module.memory.module.lambda_function_container_image.data.aws_region.current: Read complete after 0s [id=us-east-1]
module.inference.module.lambda_function_container_image.data.aws_partition.current: Reading...
module.ingestion.module.lambda_function_container_image.data.aws_partition.current: Reading...
module.inference.module.lambda_function_container_image.data.aws_partition.current: Read complete after 0s [id=aws]
module.ingestion.module.lambda_function_container_image.data.aws_partition.current: Read complete after 0s [id=aws]
module.ingestion.module.lambda_function_container_image.data.aws_iam_policy_document.assume_role[0]: Reading...
module.inference.module.lambda_function_container_image.data.aws_caller_identity.current: Reading...
module.inference.module.lambda_function_container_image.data.aws_iam_policy_document.assume_role[0]: Reading...
module.inference.module.lambda_function_container_image.data.aws_iam_policy_document.assume_role[0]: Read complete after 0s [id=2690255455]
module.ingestion.module.lambda_function_container_image.data.aws_iam_policy_document.assume_role[0]: Read complete after 0s [id=2690255455]
module.ingestion.module.lambda_function_container_image.data.aws_caller_identity.current: Read complete after 0s [id=446872271111]
module.memory.module.lambda_function_container_image.data.aws_caller_identity.current: Read complete after 0s [id=446872271111]
module.inference.module.lambda_function_container_image.data.aws_caller_identity.current: Read complete after 0s [id=446872271111]
data.aws_availability_zones.available: Read complete after 1s [id=us-east-1]
data.aws_ami.latest_amazon_linux: Read complete after 1s [id=ami-046eeba8a7f7bbefd]

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  + create
 <= read (data resources)

Terraform will perform the following actions:

  # data.aws_secretsmanager_secret.password will be read during apply
  # (config refers to values not yet known)
 <= data "aws_secretsmanager_secret" "password" {
      + arn               = (known after apply)
      + created_date      = (known after apply)
      + description       = (known after apply)
      + id                = (known after apply)
      + kms_key_id        = (known after apply)
      + last_changed_date = (known after apply)
      + name              = (known after apply)
      + policy            = (known after apply)
      + tags              = (known after apply)
    }

  # data.aws_secretsmanager_secret_version.password will be read during apply
  # (config refers to values not yet known)
 <= data "aws_secretsmanager_secret_version" "password" {
      + arn            = (known after apply)
      + created_date   = (known after apply)
      + id             = (known after apply)
      + secret_binary  = (sensitive value)
      + secret_id      = (known after apply)
      + secret_string  = (sensitive value)
      + version_id     = (known after apply)
      + version_stages = (known after apply)
    }

  # aws_db_instance.vector_db will be created
  + resource "aws_db_instance" "vector_db" {
      + address                               = (known after apply)
      + allocated_storage                     = 10
      + allow_major_version_upgrade           = true
      + apply_immediately                     = true
      + arn                                   = (known after apply)
      + auto_minor_version_upgrade            = true
      + availability_zone                     = (known after apply)
      + backup_retention_period               = (known after apply)
      + backup_target                         = (known after apply)
      + backup_window                         = (known after apply)
      + ca_cert_identifier                    = (known after apply)
      + character_set_name                    = (known after apply)
      + copy_tags_to_snapshot                 = false
      + db_name                               = "vector_db_dev"
      + db_subnet_group_name                  = (known after apply)
      + delete_automated_backups              = true
      + endpoint                              = (known after apply)
      + engine                                = "postgres"
      + engine_version                        = "15.5"
      + engine_version_actual                 = (known after apply)
      + hosted_zone_id                        = (known after apply)
      + id                                    = (known after apply)
      + identifier                            = "vector-db-dev"
      + identifier_prefix                     = (known after apply)
      + instance_class                        = "db.t3.micro"
      + iops                                  = (known after apply)
      + kms_key_id                            = (known after apply)
      + latest_restorable_time                = (known after apply)
      + license_model                         = (known after apply)
      + listener_endpoint                     = (known after apply)
      + maintenance_window                    = (known after apply)
      + master_user_secret                    = (known after apply)
      + master_user_secret_kms_key_id         = (known after apply)
      + monitoring_interval                   = 0
      + monitoring_role_arn                   = (known after apply)
      + multi_az                              = (known after apply)
      + nchar_character_set_name              = (known after apply)
      + network_type                          = (known after apply)
      + option_group_name                     = (known after apply)
      + parameter_group_name                  = "rds-pg"
      + password                              = (sensitive value)
      + performance_insights_enabled          = false
      + performance_insights_kms_key_id       = (known after apply)
      + performance_insights_retention_period = (known after apply)
      + port                                  = 5432
      + publicly_accessible                   = false
      + replica_mode                          = (known after apply)
      + replicas                              = (known after apply)
      + resource_id                           = (known after apply)
      + skip_final_snapshot                   = true
      + snapshot_identifier                   = (known after apply)
      + status                                = (known after apply)
      + storage_throughput                    = (known after apply)
      + storage_type                          = "gp2"
      + tags_all                              = {
          + "Environment" = "dev-dev"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
      + timezone                              = (known after apply)
      + username                              = "postgres_admin"
      + vpc_security_group_ids                = (known after apply)
    }

  # aws_db_parameter_group.default will be created
  + resource "aws_db_parameter_group" "default" {
      + arn         = (known after apply)
      + description = "Managed by Terraform"
      + family      = "postgres15"
      + id          = (known after apply)
      + name        = "rds-pg"
      + name_prefix = (known after apply)
      + tags_all    = {
          + "Environment" = "dev-dev"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }

      + parameter {
          + apply_method = "immediate"
          + name         = "rds.force_ssl"
          + value        = "0"
        }
    }

  # aws_instance.jumpbox will be created
  + resource "aws_instance" "jumpbox" {
      + ami                                  = "ami-046eeba8a7f7bbefd"
      + arn                                  = (known after apply)
      + associate_public_ip_address          = true
      + availability_zone                    = (known after apply)
      + cpu_core_count                       = (known after apply)
      + cpu_threads_per_core                 = (known after apply)
      + disable_api_stop                     = (known after apply)
      + disable_api_termination              = (known after apply)
      + ebs_optimized                        = (known after apply)
      + get_password_data                    = false
      + host_id                              = (known after apply)
      + host_resource_group_arn              = (known after apply)
      + iam_instance_profile                 = (known after apply)
      + id                                   = (known after apply)
      + instance_initiated_shutdown_behavior = (known after apply)
      + instance_lifecycle                   = (known after apply)
      + instance_state                       = (known after apply)
      + instance_type                        = "t2.micro"
      + ipv6_address_count                   = (known after apply)
      + ipv6_addresses                       = (known after apply)
      + key_name                             = "bastion-rds-dev"
      + monitoring                           = (known after apply)
      + outpost_arn                          = (known after apply)
      + password_data                        = (known after apply)
      + placement_group                      = (known after apply)
      + placement_partition_number           = (known after apply)
      + primary_network_interface_id         = (known after apply)
      + private_dns                          = (known after apply)
      + private_ip                           = (known after apply)
      + public_dns                           = (known after apply)
      + public_ip                            = (known after apply)
      + secondary_private_ips                = (known after apply)
      + security_groups                      = (known after apply)
      + source_dest_check                    = true
      + spot_instance_request_id             = (known after apply)
      + subnet_id                            = (known after apply)
      + tags                                 = {
          + "Name" = "jumpbox-instance-dev"
        }
      + tags_all                             = {
          + "Environment" = "dev-dev"
          + "Name"        = "jumpbox-instance-dev"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
      + tenancy                              = (known after apply)
      + user_data                            = (known after apply)
      + user_data_base64                     = (known after apply)
      + user_data_replace_on_change          = false
      + vpc_security_group_ids               = (known after apply)
    }

  # aws_secretsmanager_secret.password will be created
  + resource "aws_secretsmanager_secret" "password" {
      + arn                            = (known after apply)
      + force_overwrite_replica_secret = false
      + id                             = (known after apply)
      + name                           = (known after apply)
      + name_prefix                    = (known after apply)
      + policy                         = (known after apply)
      + recovery_window_in_days        = 30
      + tags_all                       = {
          + "Environment" = "dev-dev"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
    }

  # aws_secretsmanager_secret_version.password will be created
  + resource "aws_secretsmanager_secret_version" "password" {
      + arn            = (known after apply)
      + id             = (known after apply)
      + secret_id      = (known after apply)
      + secret_string  = (sensitive value)
      + version_id     = (known after apply)
      + version_stages = (known after apply)
    }

  # aws_security_group.bedrock_sg will be created
  + resource "aws_security_group" "bedrock_sg" {
      + arn                    = (known after apply)
      + description            = "Managed by Terraform"
      + egress                 = (known after apply)
      + id                     = (known after apply)
      + ingress                = [
          + {
              + cidr_blocks      = []
              + description      = "Bedrock runtime sg"
              + from_port        = 0
              + ipv6_cidr_blocks = []
              + prefix_list_ids  = []
              + protocol         = "-1"
              + security_groups  = (known after apply)
              + self             = false
              + to_port          = 0
            },
        ]
      + name                   = "bedrock-runtime-sg-dev"
      + name_prefix            = (known after apply)
      + owner_id               = (known after apply)
      + revoke_rules_on_delete = false
      + tags_all               = {
          + "Environment" = "dev-dev"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
      + vpc_id                 = (known after apply)
    }

  # aws_security_group.database_sg will be created
  + resource "aws_security_group" "database_sg" {
      + arn                    = (known after apply)
      + description            = "Managed by Terraform"
      + egress                 = (known after apply)
      + id                     = (known after apply)
      + ingress                = [
          + {
              + cidr_blocks      = []
              + description      = "VectorDB ingress"
              + from_port        = 5432
              + ipv6_cidr_blocks = []
              + prefix_list_ids  = []
              + protocol         = "tcp"
              + security_groups  = (known after apply)
              + self             = false
              + to_port          = 5432
            },
        ]
      + name                   = "database-sg-main-dev"
      + name_prefix            = (known after apply)
      + owner_id               = (known after apply)
      + revoke_rules_on_delete = false
      + tags_all               = {
          + "Environment" = "dev-dev"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
      + vpc_id                 = (known after apply)
    }

  # aws_security_group.dynamo_db_sg will be created
  + resource "aws_security_group" "dynamo_db_sg" {
      + arn                    = (known after apply)
      + description            = "Managed by Terraform"
      + egress                 = (known after apply)
      + id                     = (known after apply)
      + ingress                = [
          + {
              + cidr_blocks      = []
              + description      = "Dynamo DB ingress"
              + from_port        = 443
              + ipv6_cidr_blocks = []
              + prefix_list_ids  = []
              + protocol         = "tcp"
              + security_groups  = (known after apply)
              + self             = false
              + to_port          = 443
            },
        ]
      + name                   = "dynamo-sg-dev"
      + name_prefix            = (known after apply)
      + owner_id               = (known after apply)
      + revoke_rules_on_delete = false
      + tags_all               = {
          + "Environment" = "dev-dev"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
      + vpc_id                 = (known after apply)
    }

  # aws_security_group.jumpbox_sg will be created
  + resource "aws_security_group" "jumpbox_sg" {
      + arn                    = (known after apply)
      + description            = "Managed by Terraform"
      + egress                 = [
          + {
              + cidr_blocks      = [
                  + "0.0.0.0/0",
                ]
              + description      = ""
              + from_port        = 0
              + ipv6_cidr_blocks = []
              + prefix_list_ids  = []
              + protocol         = "-1"
              + security_groups  = []
              + self             = false
              + to_port          = 0
            },
        ]
      + id                     = (known after apply)
      + ingress                = [
          + {
              + cidr_blocks      = [
                  + "0.0.0.0/0",
                ]
              + description      = ""
              + from_port        = 22
              + ipv6_cidr_blocks = []
              + prefix_list_ids  = []
              + protocol         = "tcp"
              + security_groups  = []
              + self             = false
              + to_port          = 22
            },
        ]
      + name                   = "jumpbox-sg-dev"
      + name_prefix            = (known after apply)
      + owner_id               = (known after apply)
      + revoke_rules_on_delete = false
      + tags_all               = {
          + "Environment" = "dev-dev"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
      + vpc_id                 = (known after apply)
    }

  # aws_security_group.lambda_inference_sg will be created
  + resource "aws_security_group" "lambda_inference_sg" {
      + arn                    = (known after apply)
      + description            = "Managed by Terraform"
      + egress                 = [
          + {
              + cidr_blocks      = [
                  + "0.0.0.0/0",
                ]
              + description      = "Lambda Inference"
              + from_port        = 0
              + ipv6_cidr_blocks = []
              + prefix_list_ids  = []
              + protocol         = "-1"
              + security_groups  = []
              + self             = false
              + to_port          = 0
            },
        ]
      + id                     = (known after apply)
      + ingress                = (known after apply)
      + name                   = "lambda-inference-sg-dev"
      + name_prefix            = (known after apply)
      + owner_id               = (known after apply)
      + revoke_rules_on_delete = false
      + tags_all               = {
          + "Environment" = "dev-dev"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
      + vpc_id                 = (known after apply)
    }

  # aws_security_group.lambda_ingestion_sg will be created
  + resource "aws_security_group" "lambda_ingestion_sg" {
      + arn                    = (known after apply)
      + description            = "Managed by Terraform"
      + egress                 = [
          + {
              + cidr_blocks      = [
                  + "0.0.0.0/0",
                ]
              + description      = "Lambda Ingestion"
              + from_port        = 0
              + ipv6_cidr_blocks = []
              + prefix_list_ids  = []
              + protocol         = "-1"
              + security_groups  = []
              + self             = false
              + to_port          = 0
            },
        ]
      + id                     = (known after apply)
      + ingress                = (known after apply)
      + name                   = "lambda-ingestion-sg-dev"
      + name_prefix            = (known after apply)
      + owner_id               = (known after apply)
      + revoke_rules_on_delete = false
      + tags_all               = {
          + "Environment" = "dev-dev"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
      + vpc_id                 = (known after apply)
    }

  # aws_security_group.lambda_memory_sg will be created
  + resource "aws_security_group" "lambda_memory_sg" {
      + arn                    = (known after apply)
      + description            = "Managed by Terraform"
      + egress                 = [
          + {
              + cidr_blocks      = [
                  + "0.0.0.0/0",
                ]
              + description      = "Lambda Memory"
              + from_port        = 0
              + ipv6_cidr_blocks = []
              + prefix_list_ids  = []
              + protocol         = "-1"
              + security_groups  = []
              + self             = false
              + to_port          = 0
            },
        ]
      + id                     = (known after apply)
      + ingress                = (known after apply)
      + name                   = "lambda-memory-sg-dev"
      + name_prefix            = (known after apply)
      + owner_id               = (known after apply)
      + revoke_rules_on_delete = false
      + tags_all               = {
          + "Environment" = "dev-dev"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
      + vpc_id                 = (known after apply)
    }

  # aws_security_group.sm_sg will be created
  + resource "aws_security_group" "sm_sg" {
      + arn                    = (known after apply)
      + description            = "Managed by Terraform"
      + egress                 = (known after apply)
      + id                     = (known after apply)
      + ingress                = [
          + {
              + cidr_blocks      = []
              + description      = "Secrets Manager"
              + from_port        = 0
              + ipv6_cidr_blocks = []
              + prefix_list_ids  = []
              + protocol         = "-1"
              + security_groups  = (known after apply)
              + self             = false
              + to_port          = 0
            },
        ]
      + name                   = "secret-manager-sg-dev"
      + name_prefix            = (known after apply)
      + owner_id               = (known after apply)
      + revoke_rules_on_delete = false
      + tags_all               = {
          + "Environment" = "dev-dev"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
      + vpc_id                 = (known after apply)
    }

  # aws_vpc_endpoint.bedrock_endpoint will be created
  + resource "aws_vpc_endpoint" "bedrock_endpoint" {
      + arn                   = (known after apply)
      + cidr_blocks           = (known after apply)
      + dns_entry             = (known after apply)
      + id                    = (known after apply)
      + ip_address_type       = (known after apply)
      + network_interface_ids = (known after apply)
      + owner_id              = (known after apply)
      + policy                = (known after apply)
      + prefix_list_id        = (known after apply)
      + private_dns_enabled   = true
      + requester_managed     = (known after apply)
      + route_table_ids       = (known after apply)
      + security_group_ids    = (known after apply)
      + service_name          = "com.amazonaws.us-east-1.bedrock-runtime"
      + state                 = (known after apply)
      + subnet_ids            = (known after apply)
      + tags_all              = {
          + "Environment" = "dev-dev"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
      + vpc_endpoint_type     = "Interface"
      + vpc_id                = (known after apply)
    }

  # aws_vpc_endpoint.dynamo_db_endpoint will be created
  + resource "aws_vpc_endpoint" "dynamo_db_endpoint" {
      + arn                   = (known after apply)
      + cidr_blocks           = (known after apply)
      + dns_entry             = (known after apply)
      + id                    = (known after apply)
      + ip_address_type       = (known after apply)
      + network_interface_ids = (known after apply)
      + owner_id              = (known after apply)
      + policy                = (known after apply)
      + prefix_list_id        = (known after apply)
      + private_dns_enabled   = false
      + requester_managed     = (known after apply)
      + route_table_ids       = (known after apply)
      + security_group_ids    = (known after apply)
      + service_name          = "com.amazonaws.us-east-1.dynamodb"
      + state                 = (known after apply)
      + subnet_ids            = (known after apply)
      + tags_all              = {
          + "Environment" = "dev-dev"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
      + vpc_endpoint_type     = "Gateway"
      + vpc_id                = (known after apply)
    }

  # aws_vpc_endpoint.lambda_endpoint will be created
  + resource "aws_vpc_endpoint" "lambda_endpoint" {
      + arn                   = (known after apply)
      + cidr_blocks           = (known after apply)
      + dns_entry             = (known after apply)
      + id                    = (known after apply)
      + ip_address_type       = (known after apply)
      + network_interface_ids = (known after apply)
      + owner_id              = (known after apply)
      + policy                = (known after apply)
      + prefix_list_id        = (known after apply)
      + private_dns_enabled   = true
      + requester_managed     = (known after apply)
      + route_table_ids       = (known after apply)
      + security_group_ids    = (known after apply)
      + service_name          = "com.amazonaws.us-east-1.lambda"
      + state                 = (known after apply)
      + subnet_ids            = (known after apply)
      + tags_all              = {
          + "Environment" = "dev-dev"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
      + vpc_endpoint_type     = "Interface"
      + vpc_id                = (known after apply)
    }

  # aws_vpc_endpoint.s3_endpoint will be created
  + resource "aws_vpc_endpoint" "s3_endpoint" {
      + arn                   = (known after apply)
      + cidr_blocks           = (known after apply)
      + dns_entry             = (known after apply)
      + id                    = (known after apply)
      + ip_address_type       = (known after apply)
      + network_interface_ids = (known after apply)
      + owner_id              = (known after apply)
      + policy                = (known after apply)
      + prefix_list_id        = (known after apply)
      + private_dns_enabled   = false
      + requester_managed     = (known after apply)
      + route_table_ids       = (known after apply)
      + security_group_ids    = (known after apply)
      + service_name          = "com.amazonaws.us-east-1.s3"
      + state                 = (known after apply)
      + subnet_ids            = (known after apply)
      + tags_all              = {
          + "Environment" = "dev-dev"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
      + vpc_endpoint_type     = "Gateway"
      + vpc_id                = (known after apply)
    }

  # aws_vpc_endpoint.secrets_manager_endpoint will be created
  + resource "aws_vpc_endpoint" "secrets_manager_endpoint" {
      + arn                   = (known after apply)
      + cidr_blocks           = (known after apply)
      + dns_entry             = (known after apply)
      + id                    = (known after apply)
      + ip_address_type       = (known after apply)
      + network_interface_ids = (known after apply)
      + owner_id              = (known after apply)
      + policy                = (known after apply)
      + prefix_list_id        = (known after apply)
      + private_dns_enabled   = true
      + requester_managed     = (known after apply)
      + route_table_ids       = (known after apply)
      + security_group_ids    = (known after apply)
      + service_name          = "com.amazonaws.us-east-1.secretsmanager"
      + state                 = (known after apply)
      + subnet_ids            = (known after apply)
      + tags_all              = {
          + "Environment" = "dev-dev"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
      + vpc_endpoint_type     = "Interface"
      + vpc_id                = (known after apply)
    }

  # random_password.master will be created
  + resource "random_password" "master" {
      + bcrypt_hash      = (sensitive value)
      + id               = (known after apply)
      + length           = 16
      + lower            = true
      + min_lower        = 0
      + min_numeric      = 0
      + min_special      = 0
      + min_upper        = 0
      + number           = true
      + numeric          = true
      + override_special = "_!%^"
      + result           = (sensitive value)
      + special          = true
      + upper            = true
    }

  # random_pet.secret_name will be created
  + resource "random_pet" "secret_name" {
      + id        = (known after apply)
      + length    = 3
      + separator = "-"
    }

  # module.ingestion.data.aws_iam_policy_document.sqs_policy will be read during apply
  # (config refers to values not yet known)
 <= data "aws_iam_policy_document" "sqs_policy" {
      + id   = (known after apply)
      + json = (known after apply)

      + statement {
          + actions   = [
              + "sqs:SendMessage",
            ]
          + effect    = "Allow"
          + resources = [
              + "arn:aws:sqs:us-east-1:*:levio-demo-fev-ingestion-queue-dev",
            ]

          + condition {
              + test     = "ArnLike"
              + values   = [
                  + (known after apply),
                ]
              + variable = "aws:SourceArn"
            }

          + principals {
              + identifiers = [
                  + "s3.amazonaws.com",
                ]
              + type        = "Service"
            }
        }
    }

  # module.ingestion.aws_lambda_event_source_mapping.event_source_mapping will be created
  + resource "aws_lambda_event_source_mapping" "event_source_mapping" {
      + batch_size                    = 1
      + enabled                       = true
      + event_source_arn              = (known after apply)
      + function_arn                  = (known after apply)
      + function_name                 = "levio-demo-fev-ingestion-dev"
      + id                            = (known after apply)
      + last_modified                 = (known after apply)
      + last_processing_result        = (known after apply)
      + maximum_record_age_in_seconds = (known after apply)
      + maximum_retry_attempts        = (known after apply)
      + parallelization_factor        = (known after apply)
      + state                         = (known after apply)
      + state_transition_reason       = (known after apply)
      + uuid                          = (known after apply)
    }

  # module.ingestion.aws_s3_bucket.ingestion_source_storage will be created
  + resource "aws_s3_bucket" "ingestion_source_storage" {
      + acceleration_status         = (known after apply)
      + acl                         = (known after apply)
      + arn                         = (known after apply)
      + bucket                      = "levio-demo-fev-storage-dev"
      + bucket_domain_name          = (known after apply)
      + bucket_prefix               = (known after apply)
      + bucket_regional_domain_name = (known after apply)
      + force_destroy               = false
      + hosted_zone_id              = (known after apply)
      + id                          = (known after apply)
      + object_lock_enabled         = (known after apply)
      + policy                      = (known after apply)
      + region                      = (known after apply)
      + request_payer               = (known after apply)
      + tags_all                    = {
          + "Environment" = "dev-dev"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
      + website_domain              = (known after apply)
      + website_endpoint            = (known after apply)
    }

  # module.ingestion.aws_s3_bucket_notification.bucket_notification will be created
  + resource "aws_s3_bucket_notification" "bucket_notification" {
      + bucket      = (known after apply)
      + eventbridge = false
      + id          = (known after apply)

      + queue {
          + events        = [
              + "s3:ObjectCreated:*",
              + "s3:ObjectRemoved:*",
            ]
          + filter_suffix = ".pdf"
          + id            = (known after apply)
          + queue_arn     = (known after apply)
        }
    }

  # module.ingestion.aws_sqs_queue.dead_letter_queue will be created
  + resource "aws_sqs_queue" "dead_letter_queue" {
      + arn                               = (known after apply)
      + content_based_deduplication       = false
      + deduplication_scope               = (known after apply)
      + delay_seconds                     = 0
      + fifo_queue                        = false
      + fifo_throughput_limit             = (known after apply)
      + id                                = (known after apply)
      + kms_data_key_reuse_period_seconds = (known after apply)
      + max_message_size                  = 262144
      + message_retention_seconds         = 345600
      + name                              = "levio-demo-fev-ingestion-queue-dev_dead_letter"
      + name_prefix                       = (known after apply)
      + policy                            = (known after apply)
      + receive_wait_time_seconds         = 0
      + redrive_allow_policy              = (known after apply)
      + redrive_policy                    = (known after apply)
      + sqs_managed_sse_enabled           = (known after apply)
      + tags_all                          = {
          + "Environment" = "dev-dev"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
      + url                               = (known after apply)
      + visibility_timeout_seconds        = 30
    }

  # module.ingestion.aws_sqs_queue.queue will be created
  + resource "aws_sqs_queue" "queue" {
      + arn                               = (known after apply)
      + content_based_deduplication       = false
      + deduplication_scope               = (known after apply)
      + delay_seconds                     = 0
      + fifo_queue                        = false
      + fifo_throughput_limit             = (known after apply)
      + id                                = (known after apply)
      + kms_data_key_reuse_period_seconds = (known after apply)
      + max_message_size                  = 262144
      + message_retention_seconds         = 345600
      + name                              = "levio-demo-fev-ingestion-queue-dev"
      + name_prefix                       = (known after apply)
      + policy                            = (known after apply)
      + receive_wait_time_seconds         = 0
      + redrive_allow_policy              = (known after apply)
      + redrive_policy                    = (known after apply)
      + sqs_managed_sse_enabled           = (known after apply)
      + tags_all                          = {
          + "Environment" = "dev-dev"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
      + url                               = (known after apply)
      + visibility_timeout_seconds        = 30
    }

  # module.ingestion.aws_sqs_queue_policy.sqs_policy will be created
  + resource "aws_sqs_queue_policy" "sqs_policy" {
      + id        = (known after apply)
      + policy    = (known after apply)
      + queue_url = (known after apply)
    }

  # module.memory.aws_dynamodb_table.basic-conversation_memory_table-table will be created
  + resource "aws_dynamodb_table" "basic-conversation_memory_table-table" {
      + arn              = (known after apply)
      + billing_mode     = "PAY_PER_REQUEST"
      + hash_key         = "SessionId"
      + id               = (known after apply)
      + name             = "levio-demo-fev-chat-history-dev"
      + range_key        = "SK"
      + read_capacity    = (known after apply)
      + stream_arn       = (known after apply)
      + stream_label     = (known after apply)
      + stream_view_type = (known after apply)
      + tags_all         = {
          + "Environment" = "dev-dev"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
      + write_capacity   = (known after apply)

      + attribute {
          + name = "SK"
          + type = "S"
        }
      + attribute {
          + name = "SessionId"
          + type = "S"
        }
    }

  # module.vpc.aws_db_subnet_group.database[0] will be created
  + resource "aws_db_subnet_group" "database" {
      + arn                     = (known after apply)
      + description             = "Database subnet group for ex-terraform-dev"
      + id                      = (known after apply)
      + name                    = "ex-terraform-dev"
      + name_prefix             = (known after apply)
      + subnet_ids              = (known after apply)
      + supported_network_types = (known after apply)
      + tags                    = {
          + "Name" = "ex-terraform-dev"
        }
      + tags_all                = {
          + "Environment" = "dev-dev"
          + "Name"        = "ex-terraform-dev"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
      + vpc_id                  = (known after apply)
    }

  # module.vpc.aws_default_network_acl.this[0] will be created
  + resource "aws_default_network_acl" "this" {
      + arn                    = (known after apply)
      + default_network_acl_id = (known after apply)
      + id                     = (known after apply)
      + owner_id               = (known after apply)
      + tags                   = {
          + "Name" = "ex-terraform-dev-default"
        }
      + tags_all               = {
          + "Environment" = "dev-dev"
          + "Name"        = "ex-terraform-dev-default"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
      + vpc_id                 = (known after apply)

      + egress {
          + action          = "allow"
          + from_port       = 0
          + ipv6_cidr_block = "::/0"
          + protocol        = "-1"
          + rule_no         = 101
          + to_port         = 0
        }
      + egress {
          + action     = "allow"
          + cidr_block = "0.0.0.0/0"
          + from_port  = 0
          + protocol   = "-1"
          + rule_no    = 100
          + to_port    = 0
        }

      + ingress {
          + action          = "allow"
          + from_port       = 0
          + ipv6_cidr_block = "::/0"
          + protocol        = "-1"
          + rule_no         = 101
          + to_port         = 0
        }
      + ingress {
          + action     = "allow"
          + cidr_block = "0.0.0.0/0"
          + from_port  = 0
          + protocol   = "-1"
          + rule_no    = 100
          + to_port    = 0
        }
    }

  # module.vpc.aws_default_route_table.default[0] will be created
  + resource "aws_default_route_table" "default" {
      + arn                    = (known after apply)
      + default_route_table_id = (known after apply)
      + id                     = (known after apply)
      + owner_id               = (known after apply)
      + route                  = (known after apply)
      + tags                   = {
          + "Name" = "ex-terraform-dev-default"
        }
      + tags_all               = {
          + "Environment" = "dev-dev"
          + "Name"        = "ex-terraform-dev-default"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
      + vpc_id                 = (known after apply)

      + timeouts {
          + create = "5m"
          + update = "5m"
        }
    }

  # module.vpc.aws_default_security_group.this[0] will be created
  + resource "aws_default_security_group" "this" {
      + arn                    = (known after apply)
      + description            = (known after apply)
      + egress                 = (known after apply)
      + id                     = (known after apply)
      + ingress                = (known after apply)
      + name                   = (known after apply)
      + name_prefix            = (known after apply)
      + owner_id               = (known after apply)
      + revoke_rules_on_delete = false
      + tags                   = {
          + "Name" = "ex-terraform-dev-default"
        }
      + tags_all               = {
          + "Environment" = "dev-dev"
          + "Name"        = "ex-terraform-dev-default"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
      + vpc_id                 = (known after apply)
    }

  # module.vpc.aws_internet_gateway.this[0] will be created
  + resource "aws_internet_gateway" "this" {
      + arn      = (known after apply)
      + id       = (known after apply)
      + owner_id = (known after apply)
      + tags     = {
          + "Name" = "ex-terraform-dev"
        }
      + tags_all = {
          + "Environment" = "dev-dev"
          + "Name"        = "ex-terraform-dev"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
      + vpc_id   = (known after apply)
    }

  # module.vpc.aws_route.public_internet_gateway[0] will be created
  + resource "aws_route" "public_internet_gateway" {
      + destination_cidr_block = "0.0.0.0/0"
      + gateway_id             = (known after apply)
      + id                     = (known after apply)
      + instance_id            = (known after apply)
      + instance_owner_id      = (known after apply)
      + network_interface_id   = (known after apply)
      + origin                 = (known after apply)
      + route_table_id         = (known after apply)
      + state                  = (known after apply)

      + timeouts {
          + create = "5m"
        }
    }

  # module.vpc.aws_route_table.database[0] will be created
  + resource "aws_route_table" "database" {
      + arn              = (known after apply)
      + id               = (known after apply)
      + owner_id         = (known after apply)
      + propagating_vgws = (known after apply)
      + route            = (known after apply)
      + tags             = {
          + "Name" = "ex-terraform-dev-db-us-east-1a"
        }
      + tags_all         = {
          + "Environment" = "dev-dev"
          + "Name"        = "ex-terraform-dev-db-us-east-1a"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
      + vpc_id           = (known after apply)
    }

  # module.vpc.aws_route_table.database[1] will be created
  + resource "aws_route_table" "database" {
      + arn              = (known after apply)
      + id               = (known after apply)
      + owner_id         = (known after apply)
      + propagating_vgws = (known after apply)
      + route            = (known after apply)
      + tags             = {
          + "Name" = "ex-terraform-dev-db-us-east-1b"
        }
      + tags_all         = {
          + "Environment" = "dev-dev"
          + "Name"        = "ex-terraform-dev-db-us-east-1b"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
      + vpc_id           = (known after apply)
    }

  # module.vpc.aws_route_table.public[0] will be created
  + resource "aws_route_table" "public" {
      + arn              = (known after apply)
      + id               = (known after apply)
      + owner_id         = (known after apply)
      + propagating_vgws = (known after apply)
      + route            = (known after apply)
      + tags             = {
          + "Name" = "ex-terraform-dev-public"
        }
      + tags_all         = {
          + "Environment" = "dev-dev"
          + "Name"        = "ex-terraform-dev-public"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
      + vpc_id           = (known after apply)
    }

  # module.vpc.aws_route_table_association.database[0] will be created
  + resource "aws_route_table_association" "database" {
      + id             = (known after apply)
      + route_table_id = (known after apply)
      + subnet_id      = (known after apply)
    }

  # module.vpc.aws_route_table_association.database[1] will be created
  + resource "aws_route_table_association" "database" {
      + id             = (known after apply)
      + route_table_id = (known after apply)
      + subnet_id      = (known after apply)
    }

  # module.vpc.aws_route_table_association.public[0] will be created
  + resource "aws_route_table_association" "public" {
      + id             = (known after apply)
      + route_table_id = (known after apply)
      + subnet_id      = (known after apply)
    }

  # module.vpc.aws_route_table_association.public[1] will be created
  + resource "aws_route_table_association" "public" {
      + id             = (known after apply)
      + route_table_id = (known after apply)
      + subnet_id      = (known after apply)
    }

  # module.vpc.aws_subnet.database[0] will be created
  + resource "aws_subnet" "database" {
      + arn                                            = (known after apply)
      + assign_ipv6_address_on_creation                = false
      + availability_zone                              = "us-east-1a"
      + availability_zone_id                           = (known after apply)
      + cidr_block                                     = "10.0.4.0/24"
      + enable_dns64                                   = false
      + enable_resource_name_dns_a_record_on_launch    = false
      + enable_resource_name_dns_aaaa_record_on_launch = false
      + id                                             = (known after apply)
      + ipv6_cidr_block_association_id                 = (known after apply)
      + ipv6_native                                    = false
      + map_public_ip_on_launch                        = false
      + owner_id                                       = (known after apply)
      + private_dns_hostname_type_on_launch            = (known after apply)
      + tags                                           = {
          + "Name" = "ex-terraform-dev-db-us-east-1a"
        }
      + tags_all                                       = {
          + "Environment" = "dev-dev"
          + "Name"        = "ex-terraform-dev-db-us-east-1a"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
      + vpc_id                                         = (known after apply)
    }

  # module.vpc.aws_subnet.database[1] will be created
  + resource "aws_subnet" "database" {
      + arn                                            = (known after apply)
      + assign_ipv6_address_on_creation                = false
      + availability_zone                              = "us-east-1b"
      + availability_zone_id                           = (known after apply)
      + cidr_block                                     = "10.0.5.0/24"
      + enable_dns64                                   = false
      + enable_resource_name_dns_a_record_on_launch    = false
      + enable_resource_name_dns_aaaa_record_on_launch = false
      + id                                             = (known after apply)
      + ipv6_cidr_block_association_id                 = (known after apply)
      + ipv6_native                                    = false
      + map_public_ip_on_launch                        = false
      + owner_id                                       = (known after apply)
      + private_dns_hostname_type_on_launch            = (known after apply)
      + tags                                           = {
          + "Name" = "ex-terraform-dev-db-us-east-1b"
        }
      + tags_all                                       = {
          + "Environment" = "dev-dev"
          + "Name"        = "ex-terraform-dev-db-us-east-1b"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
      + vpc_id                                         = (known after apply)
    }

  # module.vpc.aws_subnet.public[0] will be created
  + resource "aws_subnet" "public" {
      + arn                                            = (known after apply)
      + assign_ipv6_address_on_creation                = false
      + availability_zone                              = "us-east-1a"
      + availability_zone_id                           = (known after apply)
      + cidr_block                                     = "10.0.0.0/24"
      + enable_dns64                                   = false
      + enable_resource_name_dns_a_record_on_launch    = false
      + enable_resource_name_dns_aaaa_record_on_launch = false
      + id                                             = (known after apply)
      + ipv6_cidr_block_association_id                 = (known after apply)
      + ipv6_native                                    = false
      + map_public_ip_on_launch                        = false
      + owner_id                                       = (known after apply)
      + private_dns_hostname_type_on_launch            = (known after apply)
      + tags                                           = {
          + "Name" = "ex-terraform-dev-public-us-east-1a"
        }
      + tags_all                                       = {
          + "Environment" = "dev-dev"
          + "Name"        = "ex-terraform-dev-public-us-east-1a"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
      + vpc_id                                         = (known after apply)
    }

  # module.vpc.aws_subnet.public[1] will be created
  + resource "aws_subnet" "public" {
      + arn                                            = (known after apply)
      + assign_ipv6_address_on_creation                = false
      + availability_zone                              = "us-east-1b"
      + availability_zone_id                           = (known after apply)
      + cidr_block                                     = "10.0.1.0/24"
      + enable_dns64                                   = false
      + enable_resource_name_dns_a_record_on_launch    = false
      + enable_resource_name_dns_aaaa_record_on_launch = false
      + id                                             = (known after apply)
      + ipv6_cidr_block_association_id                 = (known after apply)
      + ipv6_native                                    = false
      + map_public_ip_on_launch                        = false
      + owner_id                                       = (known after apply)
      + private_dns_hostname_type_on_launch            = (known after apply)
      + tags                                           = {
          + "Name" = "ex-terraform-dev-public-us-east-1b"
        }
      + tags_all                                       = {
          + "Environment" = "dev-dev"
          + "Name"        = "ex-terraform-dev-public-us-east-1b"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
      + vpc_id                                         = (known after apply)
    }

  # module.vpc.aws_vpc.this[0] will be created
  + resource "aws_vpc" "this" {
      + arn                                  = (known after apply)
      + cidr_block                           = "10.0.0.0/16"
      + default_network_acl_id               = (known after apply)
      + default_route_table_id               = (known after apply)
      + default_security_group_id            = (known after apply)
      + dhcp_options_id                      = (known after apply)
      + enable_dns_hostnames                 = true
      + enable_dns_support                   = true
      + enable_network_address_usage_metrics = (known after apply)
      + id                                   = (known after apply)
      + instance_tenancy                     = "default"
      + ipv6_association_id                  = (known after apply)
      + ipv6_cidr_block                      = (known after apply)
      + ipv6_cidr_block_network_border_group = (known after apply)
      + main_route_table_id                  = (known after apply)
      + owner_id                             = (known after apply)
      + tags                                 = {
          + "Name" = "ex-terraform-dev"
        }
      + tags_all                             = {
          + "Environment" = "dev-dev"
          + "Name"        = "ex-terraform-dev"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
    }

  # module.inference.module.lambda_function_container_image.data.aws_iam_policy_document.additional_inline[0] will be read during apply
  # (config refers to values not yet known)
 <= data "aws_iam_policy_document" "additional_inline" {
      + id   = (known after apply)
      + json = (known after apply)

      + statement {
          + actions   = [
              + "ec2:CreateNetworkInterface",
              + "ec2:DeleteNetworkInterface",
              + "ec2:DescribeNetworkInterfaces",
            ]
          + effect    = "Allow"
          + resources = [
              + "*",
            ]
          + sid       = "accessnetworkinterface"
        }
      + statement {
          + actions   = [
              + "bedrock:*",
            ]
          + effect    = "Allow"
          + resources = [
              + "*",
            ]
          + sid       = "bedrockusage"
        }
      + statement {
          + actions   = [
              + "dynamodb:BatchGetItem",
              + "dynamodb:BatchWriteItem",
              + "dynamodb:DeleteItem",
              + "dynamodb:GetItem",
              + "dynamodb:PutItem",
              + "dynamodb:Query",
              + "dynamodb:Scan",
              + "dynamodb:UpdateItem",
            ]
          + effect    = "Allow"
          + resources = [
              + "arn:aws:dynamodb:us-east-1:446872271111:table/levio-demo-fev-chat-history-dev",
            ]
          + sid       = "dynamodb"
        }
      + statement {
          + actions   = [
              + "lambda:InvokeFunction",
            ]
          + effect    = "Allow"
          + resources = [
              + "arn:aws:lambda:us-east-1:446872271111:function:levio-demo-fev-memory-dev",
            ]
          + sid       = "lambda"
        }
      + statement {
          + actions   = [
              + "logs:CreateLogGroup",
            ]
          + effect    = "Allow"
          + resources = [
              + "arn:aws:logs:*:*:*",
            ]
          + sid       = "loggroup"
        }
      + statement {
          + actions   = [
              + "logs:CreateLogStream",
              + "logs:PutLogEvents",
            ]
          + effect    = "Allow"
          + resources = [
              + "arn:aws:logs:*:*:log-group:/aws/levio-demo-fev-inference-dev/*:*",
            ]
          + sid       = "logwrite"
        }
      + statement {
          + actions   = [
              + "rds-db:beginTransaction",
              + "rds-db:commit-transaction",
              + "rds-db:connect",
              + "rds-db:execute-statement",
              + "rds-db:rollback-transaction",
            ]
          + effect    = "Allow"
          + resources = [
              + "arn:aws:rds:us-east-1:446872271111:db:vector_db_dev",
            ]
          + sid       = "rdsconnectreadwrite"
        }
      + statement {
          + actions   = [
              + "secretsmanager:GetSecretValue",
            ]
          + effect    = "Allow"
          + resources = (known after apply)
          + sid       = "secretsmanager"
        }
    }

  # module.inference.module.lambda_function_container_image.data.aws_iam_policy_document.logs[0] will be read during apply
  # (config refers to values not yet known)
 <= data "aws_iam_policy_document" "logs" {
      + id   = (known after apply)
      + json = (known after apply)

      + statement {
          + actions   = [
              + "logs:CreateLogGroup",
              + "logs:CreateLogStream",
              + "logs:PutLogEvents",
            ]
          + effect    = "Allow"
          + resources = (known after apply)
        }
    }

  # module.inference.module.lambda_function_container_image.aws_cloudwatch_log_group.lambda[0] will be created
  + resource "aws_cloudwatch_log_group" "lambda" {
      + arn               = (known after apply)
      + id                = (known after apply)
      + log_group_class   = (known after apply)
      + name              = "/aws/lambda/levio-demo-fev-inference-dev"
      + name_prefix       = (known after apply)
      + retention_in_days = 0
      + skip_destroy      = false
      + tags_all          = {
          + "Environment" = "dev-dev"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
    }

  # module.inference.module.lambda_function_container_image.aws_iam_policy.additional_inline[0] will be created
  + resource "aws_iam_policy" "additional_inline" {
      + arn         = (known after apply)
      + id          = (known after apply)
      + name        = "levio-demo-fev-inference-dev-role-inline"
      + name_prefix = (known after apply)
      + path        = "/"
      + policy      = (known after apply)
      + policy_id   = (known after apply)
      + tags_all    = {
          + "Environment" = "dev-dev"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
    }

  # module.inference.module.lambda_function_container_image.aws_iam_policy.logs[0] will be created
  + resource "aws_iam_policy" "logs" {
      + arn         = (known after apply)
      + id          = (known after apply)
      + name        = "levio-demo-fev-inference-dev-role-logs"
      + name_prefix = (known after apply)
      + path        = "/"
      + policy      = (known after apply)
      + policy_id   = (known after apply)
      + tags_all    = {
          + "Environment" = "dev-dev"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
    }

  # module.inference.module.lambda_function_container_image.aws_iam_role.lambda[0] will be created
  + resource "aws_iam_role" "lambda" {
      + arn                   = (known after apply)
      + assume_role_policy    = jsonencode(
            {
              + Statement = [
                  + {
                      + Action    = "sts:AssumeRole"
                      + Effect    = "Allow"
                      + Principal = {
                          + Service = "lambda.amazonaws.com"
                        }
                    },
                ]
              + Version   = "2012-10-17"
            }
        )
      + create_date           = (known after apply)
      + force_detach_policies = true
      + id                    = (known after apply)
      + managed_policy_arns   = (known after apply)
      + max_session_duration  = 3600
      + name                  = "levio-demo-fev-inference-dev-role"
      + name_prefix           = (known after apply)
      + path                  = "/"
      + tags_all              = {
          + "Environment" = "dev-dev"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
      + unique_id             = (known after apply)
    }

  # module.inference.module.lambda_function_container_image.aws_iam_role_policy_attachment.additional_inline[0] will be created
  + resource "aws_iam_role_policy_attachment" "additional_inline" {
      + id         = (known after apply)
      + policy_arn = (known after apply)
      + role       = "levio-demo-fev-inference-dev-role"
    }

  # module.inference.module.lambda_function_container_image.aws_iam_role_policy_attachment.logs[0] will be created
  + resource "aws_iam_role_policy_attachment" "logs" {
      + id         = (known after apply)
      + policy_arn = (known after apply)
      + role       = "levio-demo-fev-inference-dev-role"
    }

  # module.inference.module.lambda_function_container_image.aws_lambda_function.this[0] will be created
  + resource "aws_lambda_function" "this" {
      + architectures                  = (known after apply)
      + arn                            = (known after apply)
      + function_name                  = "levio-demo-fev-inference-dev"
      + id                             = (known after apply)
      + image_uri                      = "446872271111.dkr.ecr.us-east-1.amazonaws.com/inference-lambda-dev:c4da00f424e76817f2111b73e5b23af0d5fec699ca1e0a10a0fb3a5275568b83"
      + invoke_arn                     = (known after apply)
      + last_modified                  = (known after apply)
      + memory_size                    = 1024
      + package_type                   = "Image"
      + publish                        = false
      + qualified_arn                  = (known after apply)
      + qualified_invoke_arn           = (known after apply)
      + reserved_concurrent_executions = -1
      + role                           = (known after apply)
      + signing_job_arn                = (known after apply)
      + signing_profile_version_arn    = (known after apply)
      + skip_destroy                   = false
      + source_code_hash               = (known after apply)
      + source_code_size               = (known after apply)
      + tags_all                       = {
          + "Environment" = "dev-dev"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
      + timeout                        = 60
      + version                        = (known after apply)

      + environment {
          + variables = (known after apply)
        }

      + ephemeral_storage {
          + size = 512
        }

      + logging_config {
          + log_format = "Text"
          + log_group  = (known after apply)
        }

      + vpc_config {
          + ipv6_allowed_for_dual_stack = false
          + security_group_ids          = (known after apply)
          + subnet_ids                  = (known after apply)
          + vpc_id                      = (known after apply)
        }
    }

  # module.ingestion.module.lambda_function_container_image.data.aws_iam_policy_document.additional_inline[0] will be read during apply
  # (config refers to values not yet known)
 <= data "aws_iam_policy_document" "additional_inline" {
      + id   = (known after apply)
      + json = (known after apply)

      + statement {
          + actions   = [
              + "ec2:CreateNetworkInterface",
              + "ec2:DeleteNetworkInterface",
              + "ec2:DescribeNetworkInterfaces",
            ]
          + effect    = "Allow"
          + resources = [
              + "*",
            ]
          + sid       = "accessnetworkinterface"
        }
      + statement {
          + actions   = [
              + "bedrock:*",
            ]
          + effect    = "Allow"
          + resources = [
              + "*",
            ]
          + sid       = "bedrockusage"
        }
      + statement {
          + actions   = [
              + "logs:CreateLogGroup",
            ]
          + effect    = "Allow"
          + resources = [
              + "arn:aws:logs:*:*:*",
            ]
          + sid       = "loggroup"
        }
      + statement {
          + actions   = [
              + "logs:CreateLogStream",
              + "logs:PutLogEvents",
            ]
          + effect    = "Allow"
          + resources = [
              + "arn:aws:logs:*:*:log-group:/aws/levio-demo-fev-ingestion-dev/*:*",
            ]
          + sid       = "logwrite"
        }
      + statement {
          + actions   = [
              + "rds-db:beginTransaction",
              + "rds-db:commit-transaction",
              + "rds-db:connect",
              + "rds-db:execute-statement",
              + "rds-db:rollback-transaction",
            ]
          + effect    = "Allow"
          + resources = [
              + "arn:aws:rds:us-east-1:446872271111:db:vector_db_dev",
            ]
          + sid       = "rdsconnectreadwrite"
        }
      + statement {
          + actions   = [
              + "s3:*",
            ]
          + effect    = "Allow"
          + resources = (known after apply)
          + sid       = "s3"
        }
      + statement {
          + actions   = [
              + "secretsmanager:GetSecretValue",
            ]
          + effect    = "Allow"
          + resources = (known after apply)
          + sid       = "secretsmanager"
        }
      + statement {
          + actions   = [
              + "sqs:ChangeMessageVisibility",
              + "sqs:DeleteMessage",
              + "sqs:GetQueueAttributes",
              + "sqs:ReceiveMessage",
            ]
          + effect    = "Allow"
          + resources = (known after apply)
          + sid       = "sqs"
        }
    }

  # module.ingestion.module.lambda_function_container_image.data.aws_iam_policy_document.logs[0] will be read during apply
  # (config refers to values not yet known)
 <= data "aws_iam_policy_document" "logs" {
      + id   = (known after apply)
      + json = (known after apply)

      + statement {
          + actions   = [
              + "logs:CreateLogGroup",
              + "logs:CreateLogStream",
              + "logs:PutLogEvents",
            ]
          + effect    = "Allow"
          + resources = (known after apply)
        }
    }

  # module.ingestion.module.lambda_function_container_image.aws_cloudwatch_log_group.lambda[0] will be created
  + resource "aws_cloudwatch_log_group" "lambda" {
      + arn               = (known after apply)
      + id                = (known after apply)
      + log_group_class   = (known after apply)
      + name              = "/aws/lambda/levio-demo-fev-ingestion-dev"
      + name_prefix       = (known after apply)
      + retention_in_days = 0
      + skip_destroy      = false
      + tags_all          = {
          + "Environment" = "dev-dev"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
    }

  # module.ingestion.module.lambda_function_container_image.aws_iam_policy.additional_inline[0] will be created
  + resource "aws_iam_policy" "additional_inline" {
      + arn         = (known after apply)
      + id          = (known after apply)
      + name        = "levio-demo-fev-ingestion-dev-role-inline"
      + name_prefix = (known after apply)
      + path        = "/"
      + policy      = (known after apply)
      + policy_id   = (known after apply)
      + tags_all    = {
          + "Environment" = "dev-dev"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
    }

  # module.ingestion.module.lambda_function_container_image.aws_iam_policy.logs[0] will be created
  + resource "aws_iam_policy" "logs" {
      + arn         = (known after apply)
      + id          = (known after apply)
      + name        = "levio-demo-fev-ingestion-dev-role-logs"
      + name_prefix = (known after apply)
      + path        = "/"
      + policy      = (known after apply)
      + policy_id   = (known after apply)
      + tags_all    = {
          + "Environment" = "dev-dev"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
    }

  # module.ingestion.module.lambda_function_container_image.aws_iam_role.lambda[0] will be created
  + resource "aws_iam_role" "lambda" {
      + arn                   = (known after apply)
      + assume_role_policy    = jsonencode(
            {
              + Statement = [
                  + {
                      + Action    = "sts:AssumeRole"
                      + Effect    = "Allow"
                      + Principal = {
                          + Service = "lambda.amazonaws.com"
                        }
                    },
                ]
              + Version   = "2012-10-17"
            }
        )
      + create_date           = (known after apply)
      + force_detach_policies = true
      + id                    = (known after apply)
      + managed_policy_arns   = (known after apply)
      + max_session_duration  = 3600
      + name                  = "levio-demo-fev-ingestion-dev-role"
      + name_prefix           = (known after apply)
      + path                  = "/"
      + tags_all              = {
          + "Environment" = "dev-dev"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
      + unique_id             = (known after apply)
    }

  # module.ingestion.module.lambda_function_container_image.aws_iam_role_policy_attachment.additional_inline[0] will be created
  + resource "aws_iam_role_policy_attachment" "additional_inline" {
      + id         = (known after apply)
      + policy_arn = (known after apply)
      + role       = "levio-demo-fev-ingestion-dev-role"
    }

  # module.ingestion.module.lambda_function_container_image.aws_iam_role_policy_attachment.logs[0] will be created
  + resource "aws_iam_role_policy_attachment" "logs" {
      + id         = (known after apply)
      + policy_arn = (known after apply)
      + role       = "levio-demo-fev-ingestion-dev-role"
    }

  # module.ingestion.module.lambda_function_container_image.aws_lambda_function.this[0] will be created
  + resource "aws_lambda_function" "this" {
      + architectures                  = (known after apply)
      + arn                            = (known after apply)
      + function_name                  = "levio-demo-fev-ingestion-dev"
      + id                             = (known after apply)
      + image_uri                      = "446872271111.dkr.ecr.us-east-1.amazonaws.com/ingestion-lambda-dev:f26f55051edcf9d110f9aa07a4bcd332321673b20b0d47ca8e7f94f7e91d220b"
      + invoke_arn                     = (known after apply)
      + last_modified                  = (known after apply)
      + memory_size                    = 1024
      + package_type                   = "Image"
      + publish                        = false
      + qualified_arn                  = (known after apply)
      + qualified_invoke_arn           = (known after apply)
      + reserved_concurrent_executions = -1
      + role                           = (known after apply)
      + signing_job_arn                = (known after apply)
      + signing_profile_version_arn    = (known after apply)
      + skip_destroy                   = false
      + source_code_hash               = (known after apply)
      + source_code_size               = (known after apply)
      + tags_all                       = {
          + "Environment" = "dev-dev"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
      + timeout                        = 500
      + version                        = (known after apply)

      + environment {
          + variables = (known after apply)
        }

      + ephemeral_storage {
          + size = 512
        }

      + logging_config {
          + log_format = "Text"
          + log_group  = (known after apply)
        }

      + vpc_config {
          + ipv6_allowed_for_dual_stack = false
          + security_group_ids          = (known after apply)
          + subnet_ids                  = (known after apply)
          + vpc_id                      = (known after apply)
        }
    }

  # module.memory.module.lambda_function_container_image.data.aws_iam_policy_document.logs[0] will be read during apply
  # (config refers to values not yet known)
 <= data "aws_iam_policy_document" "logs" {
      + id   = (known after apply)
      + json = (known after apply)

      + statement {
          + actions   = [
              + "logs:CreateLogGroup",
              + "logs:CreateLogStream",
              + "logs:PutLogEvents",
            ]
          + effect    = "Allow"
          + resources = (known after apply)
        }
    }

  # module.memory.module.lambda_function_container_image.aws_cloudwatch_log_group.lambda[0] will be created
  + resource "aws_cloudwatch_log_group" "lambda" {
      + arn               = (known after apply)
      + id                = (known after apply)
      + log_group_class   = (known after apply)
      + name              = "/aws/lambda/levio-demo-fev-memory-dev"
      + name_prefix       = (known after apply)
      + retention_in_days = 0
      + skip_destroy      = false
      + tags_all          = {
          + "Environment" = "dev-dev"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
    }

  # module.memory.module.lambda_function_container_image.aws_iam_policy.additional_inline[0] will be created
  + resource "aws_iam_policy" "additional_inline" {
      + arn         = (known after apply)
      + id          = (known after apply)
      + name        = "levio-demo-fev-memory-dev-role-inline"
      + name_prefix = (known after apply)
      + path        = "/"
      + policy      = jsonencode(
            {
              + Statement = [
                  + {
                      + Action   = [
                          + "ec2:DescribeNetworkInterfaces",
                          + "ec2:DeleteNetworkInterface",
                          + "ec2:CreateNetworkInterface",
                        ]
                      + Effect   = "Allow"
                      + Resource = "*"
                      + Sid      = "accessnetworkinterface"
                    },
                  + {
                      + Action   = [
                          + "dynamodb:UpdateItem",
                          + "dynamodb:Scan",
                          + "dynamodb:Query",
                          + "dynamodb:PutItem",
                          + "dynamodb:GetItem",
                          + "dynamodb:DeleteItem",
                          + "dynamodb:BatchWriteItem",
                          + "dynamodb:BatchGetItem",
                        ]
                      + Effect   = "Allow"
                      + Resource = "arn:aws:dynamodb:us-east-1:446872271111:table/levio-demo-fev-chat-history-dev"
                      + Sid      = "dynamodb"
                    },
                  + {
                      + Action   = "logs:CreateLogGroup"
                      + Effect   = "Allow"
                      + Resource = "arn:aws:logs:*:*:*"
                      + Sid      = "loggroup"
                    },
                  + {
                      + Action   = [
                          + "logs:PutLogEvents",
                          + "logs:CreateLogStream",
                        ]
                      + Effect   = "Allow"
                      + Resource = "arn:aws:logs:*:*:log-group:/aws/levio-demo-fev-memory-dev/*:*"
                      + Sid      = "logwrite"
                    },
                ]
              + Version   = "2012-10-17"
            }
        )
      + policy_id   = (known after apply)
      + tags_all    = {
          + "Environment" = "dev-dev"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
    }

  # module.memory.module.lambda_function_container_image.aws_iam_policy.logs[0] will be created
  + resource "aws_iam_policy" "logs" {
      + arn         = (known after apply)
      + id          = (known after apply)
      + name        = "levio-demo-fev-memory-dev-role-logs"
      + name_prefix = (known after apply)
      + path        = "/"
      + policy      = (known after apply)
      + policy_id   = (known after apply)
      + tags_all    = {
          + "Environment" = "dev-dev"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
    }

  # module.memory.module.lambda_function_container_image.aws_iam_role.lambda[0] will be created
  + resource "aws_iam_role" "lambda" {
      + arn                   = (known after apply)
      + assume_role_policy    = jsonencode(
            {
              + Statement = [
                  + {
                      + Action    = "sts:AssumeRole"
                      + Effect    = "Allow"
                      + Principal = {
                          + Service = "lambda.amazonaws.com"
                        }
                    },
                ]
              + Version   = "2012-10-17"
            }
        )
      + create_date           = (known after apply)
      + force_detach_policies = true
      + id                    = (known after apply)
      + managed_policy_arns   = (known after apply)
      + max_session_duration  = 3600
      + name                  = "levio-demo-fev-memory-dev-role"
      + name_prefix           = (known after apply)
      + path                  = "/"
      + tags_all              = {
          + "Environment" = "dev-dev"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
      + unique_id             = (known after apply)
    }

  # module.memory.module.lambda_function_container_image.aws_iam_role_policy_attachment.additional_inline[0] will be created
  + resource "aws_iam_role_policy_attachment" "additional_inline" {
      + id         = (known after apply)
      + policy_arn = (known after apply)
      + role       = "levio-demo-fev-memory-dev-role"
    }

  # module.memory.module.lambda_function_container_image.aws_iam_role_policy_attachment.logs[0] will be created
  + resource "aws_iam_role_policy_attachment" "logs" {
      + id         = (known after apply)
      + policy_arn = (known after apply)
      + role       = "levio-demo-fev-memory-dev-role"
    }

  # module.memory.module.lambda_function_container_image.aws_lambda_function.this[0] will be created
  + resource "aws_lambda_function" "this" {
      + architectures                  = (known after apply)
      + arn                            = (known after apply)
      + function_name                  = "levio-demo-fev-memory-dev"
      + id                             = (known after apply)
      + image_uri                      = "446872271111.dkr.ecr.us-east-1.amazonaws.com/memory-lambda-dev:5c7500d9eb487dc9b0fa308e09f2a1b90afdfcefbfd98c255087c987cf200a6f"
      + invoke_arn                     = (known after apply)
      + last_modified                  = (known after apply)
      + memory_size                    = 1024
      + package_type                   = "Image"
      + publish                        = false
      + qualified_arn                  = (known after apply)
      + qualified_invoke_arn           = (known after apply)
      + reserved_concurrent_executions = -1
      + role                           = (known after apply)
      + signing_job_arn                = (known after apply)
      + signing_profile_version_arn    = (known after apply)
      + skip_destroy                   = false
      + source_code_hash               = (known after apply)
      + source_code_size               = (known after apply)
      + tags_all                       = {
          + "Environment" = "dev-dev"
          + "Project"     = "levio-aws-demo-fev-dev"
          + "Terraform"   = "true"
        }
      + timeout                        = 60
      + version                        = (known after apply)

      + environment {
          + variables = {
              + "DYNAMO_TABLE" = "levio-demo-fev-chat-history-dev"
            }
        }

      + ephemeral_storage {
          + size = 512
        }

      + logging_config {
          + log_format = "Text"
          + log_group  = (known after apply)
        }

      + vpc_config {
          + ipv6_allowed_for_dual_stack = false
          + security_group_ids          = (known after apply)
          + subnet_ids                  = (known after apply)
          + vpc_id                      = (known after apply)
        }
    }

Plan: 66 to add, 0 to change, 0 to destroy.

Changes to Outputs:
  + db_username      = "postgres_admin"
  + instance_ip      = (known after apply)
  + rds_instance_dns = (known after apply)
  + vpc_id           = (known after apply)

─────────────────────────────────────────────────────────────────────────────

Note: You didn't use the -out option to save this plan, so Terraform can't
guarantee to take exactly these actions if you run "terraform apply" now.

Pusher: @FloRul, Action: pull_request, Workflow: Infrastructure planning and management

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@FloRul