[PRM-713] Upgraded PDS Adaptor to Spring Boot 4, Java 25 and Gradle 9.3

[AndyFlintAnswerDigital]

NOTE TO REVIEWER - REVIEW PRM-666 AND PRM-714 FIRST AS THESE CHANGES ARE BRANCHED OFF OF THEM

In general, to fix this kind of issue you should avoid globally disabling CSRF. Instead, leave CSRF protection enabled and, if needed, selectively relax it for specific endpoints or authentication schemes (for example, for pure JSON APIs authenticated via headers or tokens). This preserves protection for browser-based flows while giving you flexibility for machine-to-machine calls.

In this specific configuration, the simplest safe fix that preserves the stateless API behavior is to remove the .csrf(AbstractHttpConfigurer::disable) call so that Spring Security’s default CSRF configuration applies. Because the rest of the filter chain is already stateless and using HTTP Basic, Spring Security will still enforce authentication as before, but now CSRF tokens will be required for unsafe HTTP methods when requests originate from browsers with cookies. No additional imports or methods are needed; we only adjust the securityFilterChain bean definition in SecurityConfig.java by deleting the .csrf(AbstractHttpConfigurer::disable) line.

[github-actions]

Report for nems-event-processor

Terraform Initialization ⚙️success

Initialization Output

Initializing the backend...

Successfully configured the backend "s3"! Terraform will automatically
use this backend unless the backend configuration changes.
Initializing provider plugins...
- Finding hashicorp/aws versions matching "3.44.0"...
- Installing hashicorp/aws v3.44.0...
- Installed hashicorp/aws v3.44.0 (signed by HashiCorp)
Terraform has created a lock file .terraform.lock.hcl to record the provider
selections it made above. Include this file in your version control repository
so that Terraform can guarantee to make the same selections by default when
you run "terraform init" in the future.

Terraform has been successfully initialized!

You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.

If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.

Terraform Validation 🤖success

Validation Output

Success! The configuration is valid.

Terraform Plan 📖success

Show Plan (0 to add, 1 to change, 0 to destroy)

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  ~ update in-place

Terraform will perform the following actions:

  # aws_ecs_cluster.ecs-cluster will be updated in-place
  ~ resource "aws_ecs_cluster" "ecs-cluster" {
        id                 = "arn:aws:ecs:eu-west-2:[REDACTED_AWS_ACCOUNT_ID]:cluster/dev-nems-event-processor-ecs-cluster"
        name               = "dev-nems-event-processor-ecs-cluster"
        tags               = {
            "CreatedBy"   = "prm-deductions-nems-event-processor"
            "Environment" = "dev"
        }
        # (3 unchanged attributes hidden)

      + setting {
          + name  = "containerInsights"
          + value = "enabled"
        }
    }

Plan: 0 to add, 1 to change, 0 to destroy.

[github-actions]

Report for re-registration-service

Terraform Initialization ⚙️success

Initialization Output

Initializing the backend...

Successfully configured the backend "s3"! Terraform will automatically
use this backend unless the backend configuration changes.
Initializing provider plugins...
- Finding hashicorp/aws versions matching "3.44.0"...
- Installing hashicorp/aws v3.44.0...
- Installed hashicorp/aws v3.44.0 (signed by HashiCorp)
Terraform has created a lock file .terraform.lock.hcl to record the provider
selections it made above. Include this file in your version control repository
so that Terraform can guarantee to make the same selections by default when
you run "terraform init" in the future.

Terraform has been successfully initialized!

You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.

If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.

Terraform Validation 🤖success

Validation Output

Success! The configuration is valid.

Terraform Plan 📖success

Show Plan (0 to add, 1 to change, 0 to destroy)

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  ~ update in-place

Terraform will perform the following actions:

  # aws_ecs_cluster.ecs-cluster will be updated in-place
  ~ resource "aws_ecs_cluster" "ecs-cluster" {
        id                 = "arn:aws:ecs:eu-west-2:[REDACTED_AWS_ACCOUNT_ID]:cluster/dev-re-registration-service-ecs-cluster"
        name               = "dev-re-registration-service-ecs-cluster"
        tags               = {
            "CreatedBy"   = "prm-repo-re-registration-service"
            "Environment" = "dev"
        }
        # (3 unchanged attributes hidden)

      + setting {
          + name  = "containerInsights"
          + value = "enabled"
        }
    }

Plan: 0 to add, 1 to change, 0 to destroy.

[github-actions]

Report for suspension-service

Terraform Initialization ⚙️success

Initialization Output

Initializing the backend...

Successfully configured the backend "s3"! Terraform will automatically
use this backend unless the backend configuration changes.
Initializing modules...
- suspension-service in modules/suspension-service
Initializing provider plugins...
- Finding hashicorp/aws versions matching "5.59.0"...
- Finding latest version of hashicorp/archive...
- Installing hashicorp/aws v5.59.0...
- Installed hashicorp/aws v5.59.0 (signed by HashiCorp)
- Installing hashicorp/archive v2.7.1...
- Installed hashicorp/archive v2.7.1 (signed by HashiCorp)
Terraform has created a lock file .terraform.lock.hcl to record the provider
selections it made above. Include this file in your version control repository
so that Terraform can guarantee to make the same selections by default when
you run "terraform init" in the future.

Terraform has been successfully initialized!

You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.

If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.

Terraform Validation 🤖success

Validation Output

Success! The configuration is valid.

Terraform Plan 📖success

Show Plan (no changes)

No changes. Your infrastructure matches the configuration.

Terraform has compared your real infrastructure against your configuration
and found no differences, so no changes are needed.

[github-actions]

Report for nems-event-processor

Terraform Initialization ⚙️success

Initialization Output

Initializing the backend...

Successfully configured the backend "s3"! Terraform will automatically
use this backend unless the backend configuration changes.
Initializing provider plugins...
- Finding hashicorp/aws versions matching "3.44.0"...
- Installing hashicorp/aws v3.44.0...
- Installed hashicorp/aws v3.44.0 (signed by HashiCorp)
Terraform has created a lock file .terraform.lock.hcl to record the provider
selections it made above. Include this file in your version control repository
so that Terraform can guarantee to make the same selections by default when
you run "terraform init" in the future.

Terraform has been successfully initialized!

You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.

If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.

Terraform Validation 🤖success

Validation Output

Success! The configuration is valid.

Terraform Plan 📖success

Show Plan (0 to add, 1 to change, 0 to destroy)

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  ~ update in-place

Terraform will perform the following actions:

  # aws_ecs_cluster.ecs-cluster will be updated in-place
  ~ resource "aws_ecs_cluster" "ecs-cluster" {
        id                 = "arn:aws:ecs:eu-west-2:[REDACTED_AWS_ACCOUNT_ID]:cluster/dev-nems-event-processor-ecs-cluster"
        name               = "dev-nems-event-processor-ecs-cluster"
        tags               = {
            "CreatedBy"   = "prm-deductions-nems-event-processor"
            "Environment" = "dev"
        }
        # (3 unchanged attributes hidden)

      + setting {
          + name  = "containerInsights"
          + value = "enabled"
        }
    }

Plan: 0 to add, 1 to change, 0 to destroy.

[github-actions]

Report for re-registration-service

Terraform Initialization ⚙️success

Initialization Output

Initializing the backend...

Successfully configured the backend "s3"! Terraform will automatically
use this backend unless the backend configuration changes.
Initializing provider plugins...
- Finding hashicorp/aws versions matching "3.44.0"...
- Installing hashicorp/aws v3.44.0...
- Installed hashicorp/aws v3.44.0 (signed by HashiCorp)
Terraform has created a lock file .terraform.lock.hcl to record the provider
selections it made above. Include this file in your version control repository
so that Terraform can guarantee to make the same selections by default when
you run "terraform init" in the future.

Terraform has been successfully initialized!

You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.

If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.

Terraform Validation 🤖success

Validation Output

Success! The configuration is valid.

Terraform Plan 📖success

Show Plan (0 to add, 1 to change, 0 to destroy)

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  ~ update in-place

Terraform will perform the following actions:

  # aws_ecs_cluster.ecs-cluster will be updated in-place
  ~ resource "aws_ecs_cluster" "ecs-cluster" {
        id                 = "arn:aws:ecs:eu-west-2:[REDACTED_AWS_ACCOUNT_ID]:cluster/dev-re-registration-service-ecs-cluster"
        name               = "dev-re-registration-service-ecs-cluster"
        tags               = {
            "CreatedBy"   = "prm-repo-re-registration-service"
            "Environment" = "dev"
        }
        # (3 unchanged attributes hidden)

      + setting {
          + name  = "containerInsights"
          + value = "enabled"
        }
    }

Plan: 0 to add, 1 to change, 0 to destroy.

[github-actions]

Report for suspension-service

Terraform Initialization ⚙️success

Initialization Output

Initializing the backend...

Successfully configured the backend "s3"! Terraform will automatically
use this backend unless the backend configuration changes.
Initializing modules...
- suspension-service in modules/suspension-service
Initializing provider plugins...
- Finding hashicorp/aws versions matching "5.59.0"...
- Finding latest version of hashicorp/archive...
- Installing hashicorp/archive v2.7.1...
- Installed hashicorp/archive v2.7.1 (signed by HashiCorp)
- Installing hashicorp/aws v5.59.0...
- Installed hashicorp/aws v5.59.0 (signed by HashiCorp)
Terraform has created a lock file .terraform.lock.hcl to record the provider
selections it made above. Include this file in your version control repository
so that Terraform can guarantee to make the same selections by default when
you run "terraform init" in the future.

Terraform has been successfully initialized!

You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.

If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.

Terraform Validation 🤖success

Validation Output

Success! The configuration is valid.

Terraform Plan 📖failure

Show Plan ()

module.suspension-service.data.archive_file.lambda: Reading...
module.suspension-service.data.archive_file.lambda: Read complete after 0s [id=a40735bd0ae66a3ce86b1c5f02a7ad3f9a0261f6]
data.aws_sns_topic.alarm_notifications: Reading...
data.aws_iam_policy_document.sns_failure_feedback_policy: Reading...
module.suspension-service.data.aws_iam_policy_document.assume_role: Reading...
module.suspension-service.data.aws_ssm_parameter.suspensions_sns_topic_arn: Reading...
module.suspension-service.data.aws_caller_identity.current: Reading...
data.aws_ssm_parameter.pds_adaptor_auth_key: Reading...
data.aws_ssm_parameter.dynamodb_prefix_list_id: Reading...
module.suspension-service.data.aws_ssm_parameter.suspensions_kms_key_id: Reading...
data.aws_ssm_parameter.safe_listed_ods_codes: Reading...
data.aws_iam_policy_document.sns_failure_feedback_policy: Read complete after 0s [id=3494271637]
module.suspension-service.data.aws_iam_policy_document.assume_role: Read complete after 0s [id=2690255455]
data.aws_iam_policy_document.cloudwatch_metrics_policy_doc: Reading...
data.aws_ssm_parameter.s3_prefix_list_id: Reading...
data.aws_iam_policy_document.cloudwatch_metrics_policy_doc: Read complete after 0s [id=3149000521]
data.aws_iam_policy_document.sns_service_assume_role_policy: Reading...
data.aws_iam_policy_document.sns_service_assume_role_policy: Read complete after 0s [id=318828377]
data.aws_ssm_parameter.deductions_private_vpc_id: Reading...
module.suspension-service.data.aws_caller_identity.current: Read complete after 0s [id=[REDACTED_AWS_ACCOUNT_ID]]
data.aws_iam_policy_document.ecs-assume-role-policy: Reading...
data.aws_iam_policy_document.ecs-assume-role-policy: Read complete after 0s [id=1077804475]
data.aws_ssm_parameter.environment_domain_name: Reading...
data.aws_ssm_parameter.safe_listed_ods_codes: Read complete after 0s [id=/repo/dev/user-input/external/safe-listed-ods-codes]
module.suspension-service.data.aws_s3_bucket.access_logs: Reading...
data.aws_ssm_parameter.dynamodb_prefix_list_id: Read complete after 0s [id=/repo/dev/output/prm-deductions-infra/dynamodb_prefix_list_id]
data.aws_ssm_parameter.s3_prefix_list_id: Read complete after 0s [id=/repo/dev/output/prm-deductions-infra/s3_prefix_list_id]
data.aws_ssm_parameter.deductions_private_private_subnets: Reading...
data.aws_caller_identity.current: Reading...
module.suspension-service.data.aws_ssm_parameter.suspensions_kms_key_id: Read complete after 0s [id=/repo/dev/output/prm-deductions-nems-event-processor/suspensions-kms-key-id]
module.suspension-service.data.aws_ssm_parameter.suspensions_sns_topic_arn: Read complete after 0s [id=/repo/dev/output/nems-event-processor/suspensions-sns-topic-arn]
module.suspension-service.data.aws_sns_topic.alarm_notifications: Reading...
data.aws_ssm_parameter.deductions_private_vpc_id: Read complete after 0s [id=/repo/dev/output/prm-deductions-infra/private-vpc-id]
data.aws_ssm_parameter.repo_ods_code: Reading...
data.aws_ssm_parameter.pds_adaptor_auth_key: Read complete after 0s [id=/repo/dev/user-input/api-keys/pds-adaptor/suspension-service]
data.aws_iam_policy_document.kms_policy_doc: Reading...
data.aws_iam_policy_document.kms_policy_doc: Read complete after 0s [id=2252110784]
data.aws_ssm_parameter.deductions_private_db_subnets: Reading...
data.aws_sns_topic.alarm_notifications: Read complete after 0s [id=arn:aws:sns:eu-west-2:[REDACTED_AWS_ACCOUNT_ID]:dev-alarm-notifications-sns-topic]
data.aws_caller_identity.current: Read complete after 0s [id=[REDACTED_AWS_ACCOUNT_ID]]
data.aws_ssm_parameter.environment_domain_name: Read complete after 0s [id=/repo/dev/output/prm-deductions-infra/environment-domain-name]
data.aws_ssm_parameter.deductions_private_private_subnets: Read complete after 0s [id=/repo/dev/output/prm-deductions-infra/deductions-private-private-subnets]
module.suspension-service.data.aws_iam_policy_document.kms_key_policy_doc: Reading...
module.suspension-service.data.aws_iam_policy_document.kms_key_policy_doc: Read complete after 0s [id=220216613]
data.aws_ssm_parameter.repo_ods_code: Read complete after 0s [id=/repo/dev/user-input/external/repository-ods-code]
data.aws_vpc.private_vpc: Reading...
data.aws_ssm_parameter.deductions_private_db_subnets: Read complete after 0s [id=/repo/dev/output/prm-deductions-infra/deductions-private-database-subnets]
module.suspension-service.data.aws_sns_topic.alarm_notifications: Read complete after 0s [id=arn:aws:sns:eu-west-2:[REDACTED_AWS_ACCOUNT_ID]:dev-alarm-notifications-sns-topic]
data.aws_iam_policy_document.kms_key_policy_doc: Reading...
data.aws_iam_policy_document.kms_key_policy_doc: Read complete after 0s [id=220216613]
module.suspension-service.data.aws_s3_bucket.access_logs: Read complete after 1s [id=dev-orc-access-logs]
data.aws_iam_policy_document.ecr_policy_doc: Reading...
data.aws_iam_policy_document.ecr_policy_doc: Read complete after 0s [id=1289991967]
data.aws_iam_policy_document.logs_policy_doc: Reading...
data.aws_iam_policy_document.logs_policy_doc: Read complete after 0s [id=1671441502]
data.aws_vpc.private_vpc: Read complete after 1s
data.aws_iam_policy_document.sns_policy_doc: Reading...
data.aws_iam_policy_document.sns_policy_doc: Read complete after 0s [id=1342850970]
data.aws_iam_policy_document.dynamodb-table-access: Reading...
data.aws_iam_policy_document.dynamodb-table-access: Read complete after 0s [id=357627877]

Planning failed. Terraform encountered an error while generating this plan.


Warning: Value for undeclared variable

The root module does not declare a variable named "common_account_id" but a
value was found in file "pipeline.auto.tfvars". If you meant to use this
value, add a "variable" block to the configuration.

To silence these warnings, use TF_VAR_... environment variables to provide
certain "global" settings to all configurations in your organization. To
reduce the verbosity of these warnings, use the -compact-warnings option.

Warning: Value for undeclared variable

The root module does not declare a variable named "common_account_role" but a
value was found in file "pipeline.auto.tfvars". If you meant to use this
value, add a "variable" block to the configuration.

To silence these warnings, use TF_VAR_... environment variables to provide
certain "global" settings to all configurations in your organization. To
reduce the verbosity of these warnings, use the -compact-warnings option.

Warning: Failed to decode resource from state

Error decoding
"module.suspension-service.aws_iam_policy.suspensions_queue_send_message_policy"
from prior state: unsupported attribute "delay_after_policy_creation_in_ms"

Warning: Failed to decode resource from state

Error decoding
"module.suspension-service.aws_s3_bucket_server_side_encryption_configuration.ingestion_bucket"
from prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding
"module.suspension-service.aws_sns_topic_subscription.suspensions_topic" from
prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding
"module.suspension-service.aws_s3_bucket_logging.ingestion_bucket" from prior
state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding
"module.suspension-service.aws_ssm_parameter.suspensions_queue_name" from
prior state: unsupported attribute "has_value_wo"

Warning: Failed to decode resource from state

Error decoding
"module.suspension-service.aws_ssm_parameter.suspensions_queue_arn" from
prior state: unsupported attribute "has_value_wo"

Warning: Failed to decode resource from state

Error decoding
"module.suspension-service.aws_sqs_queue_policy.suspensions_subscription"
from prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "module.suspension-service.aws_sqs_queue.suspensions" from
prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding
"module.suspension-service.aws_sns_topic_subscription.repo_incoming_observability_queue"
from prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding
"module.suspension-service.aws_sqs_queue.repo_incoming_observability_queue"
from prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding
"module.suspension-service.aws_sqs_queue_policy.repo_incoming_observability"
from prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "module.suspension-service.aws_lambda_function.lambda" from
prior state: unsupported attribute "capacity_provider_config"

Warning: Failed to decode resource from state

Error decoding
"module.suspension-service.aws_cloudwatch_metric_alarm.suspensions_queue_age_of_message"
from prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding
"aws_sqs_queue_policy.mof_not_updated_events_audit_subscription" from prior
state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue.not_suspended_observability" from prior state:
unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue.deceased_patient" from prior state: unsupported
attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue_policy.not_suspended_events_subscription" from
prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding
"aws_sns_topic_subscription.event_out_of_order_observability_queue" from
prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue.deceased_patient_audit_splunk_dlq" from prior
state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue_policy.invalid_suspension_audit_subscription"
from prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_ssm_parameter.not_suspended_observability_queue" from
prior state: unsupported attribute "has_value_wo"

Warning: Failed to decode resource from state

Error decoding "aws_sns_topic_subscription.deceased_patient" from prior
state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sns_topic_subscription.mof_not_updated_audit" from prior
state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue_policy.event_out_of_order_audit_subscription"
from prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sns_topic_subscription.event_out_of_order_audit" from
prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_cloudwatch_metric_alarm.suspension_out_of_order_audit"
from prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue.invalid_suspension_splunk_dlq" from prior
state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sns_topic_subscription.mof_updated_audit" from prior
state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue_policy.mof_updated_events_audit_subscription"
from prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sns_topic_subscription.not_suspended" from prior state:
unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue_policy.mof_updated_events_subscription" from
prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sns_topic_subscription.invalid_suspension" from prior
state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue.event_out_of_order_audit" from prior state:
unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding
"aws_sqs_queue_policy.event_out_of_order_observability_queue_subscription"
from prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue.invalid_suspension_audit" from prior state:
unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sns_topic_subscription.not_suspended_audit" from prior
state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue_policy.mof_not_updated_events_subscription"
from prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue.mof_updated_audit" from prior state:
unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue_policy.not_suspended_events_audit_subscription"
from prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_cloudwatch_metric_alarm.suspension_mof_updated_audit"
from prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_cloudwatch_metric_alarm.suspension_mof_not_updated_audit"
from prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue.not_suspended_audit" from prior state:
unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_cloudwatch_metric_alarm.suspension_not_suspended_audit"
from prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sns_topic_subscription.invalid_suspension_audit" from
prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue.event_out_of_order_observability_queue" from
prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding
"aws_cloudwatch_metric_alarm.suspension_invalid_suspension_dlq_audit" from
prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sns_topic_subscription.deceased_patient_audit" from prior
state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue.deceased_patient_audit" from prior state:
unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sns_topic_subscription.mof_updated" from prior state:
unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding
"aws_sqs_queue_policy.non_sensitive_deceased_audit_subscription" from prior
state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue.not_suspended_audit_splunk_dlq" from prior
state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_ecs_task_definition.task" from prior state: unsupported
attribute "enable_fault_injection"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue.mof_not_updated" from prior state: unsupported
attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue.event_out_of_order_audit_splunk_dlq" from prior
state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue.invalid_suspension" from prior state:
unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue.mof_updated_audit_splunk_dlq" from prior state:
unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding
"aws_cloudwatch_metric_alarm.suspension_deceased_patient_audit" from prior
state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_ssm_parameter.mof_updated_queue" from prior state:
unsupported attribute "has_value_wo"

Warning: Failed to decode resource from state

Error decoding "aws_iam_policy.suspensions_processor_sqs" from prior state:
unsupported attribute "delay_after_policy_creation_in_ms"

Warning: Failed to decode resource from state

Error decoding "aws_ecs_service.ecs-service" from prior state: unsupported
attribute "arn"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue_policy.non_sensitive_deceased_subscription"
from prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue.mof_not_updated_audit" from prior state:
unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue.mof_updated" from prior state: unsupported
attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sns_topic_subscription.mof_not_updated" from prior state:
unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue.mof_not_updated_audit_splunk_dlq" from prior
state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue_policy.invalid_suspension_subscription" from
prior state: unsupported attribute "region"


Error: Resource instance managed by newer provider version

The current state of aws_sqs_queue.mof_not_updated_audit_splunk_dlq was
created by a newer provider version than is currently selected. Upgrade the
aws provider to work with this state.

Error: Resource instance managed by newer provider version

The current state of aws_sqs_queue.event_out_of_order_observability_queue was
created by a newer provider version than is currently selected. Upgrade the
aws provider to work with this state.

Error: Resource instance managed by newer provider version

The current state of
module.suspension-service.aws_s3_bucket_server_side_encryption_configuration.ingestion_bucket
was created by a newer provider version than is currently selected. Upgrade
the aws provider to work with this state.

Error: Resource instance managed by newer provider version

The current state of aws_sqs_queue.event_out_of_order_audit_splunk_dlq was
created by a newer provider version than is currently selected. Upgrade the
aws provider to work with this state.

Error: Resource instance managed by newer provider version

The current state of
module.suspension-service.aws_sqs_queue.repo_incoming_observability_queue was
created by a newer provider version than is currently selected. Upgrade the
aws provider to work with this state.

Error: Resource instance managed by newer provider version

The current state of aws_sqs_queue.not_suspended_observability was created by
a newer provider version than is currently selected. Upgrade the aws provider
to work with this state.

Error: Resource instance managed by newer provider version

The current state of aws_sqs_queue.mof_updated was created by a newer
provider version than is currently selected. Upgrade the aws provider to work
with this state.

Error: Resource instance managed by newer provider version

The current state of
module.suspension-service.aws_s3_bucket_logging.ingestion_bucket was created
by a newer provider version than is currently selected. Upgrade the aws
provider to work with this state.

Error: Resource instance managed by newer provider version

The current state of aws_sqs_queue.deceased_patient_audit_splunk_dlq was
created by a newer provider version than is currently selected. Upgrade the
aws provider to work with this state.

Error: Resource instance managed by newer provider version

The current state of aws_sqs_queue.deceased_patient was created by a newer
provider version than is currently selected. Upgrade the aws provider to work
with this state.

Error: Resource instance managed by newer provider version

The current state of aws_sqs_queue.invalid_suspension_splunk_dlq was created
by a newer provider version than is currently selected. Upgrade the aws
provider to work with this state.

Error: Resource instance managed by newer provider version

The current state of aws_sqs_queue.mof_updated_audit_splunk_dlq was created
by a newer provider version than is currently selected. Upgrade the aws
provider to work with this state.

Error: Resource instance managed by newer provider version

The current state of aws_sqs_queue.not_suspended_audit_splunk_dlq was created
by a newer provider version than is currently selected. Upgrade the aws
provider to work with this state.

Error: Resource instance managed by newer provider version

The current state of aws_sqs_queue.mof_not_updated was created by a newer
provider version than is currently selected. Upgrade the aws provider to work
with this state.

Error: Resource instance managed by newer provider version

The current state of aws_sqs_queue.invalid_suspension was created by a newer
provider version than is currently selected. Upgrade the aws provider to work
with this state.

Error: Resource instance managed by newer provider version

The current state of module.suspension-service.aws_sqs_queue.suspensions was
created by a newer provider version than is currently selected. Upgrade the
aws provider to work with this state.

[github-actions]

Code security issues found

View full details here.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[github-actions]

Report for nems-event-processor

Terraform Initialization ⚙️success

Initialization Output

Initializing the backend...

Successfully configured the backend "s3"! Terraform will automatically
use this backend unless the backend configuration changes.
Initializing provider plugins...
- Finding hashicorp/aws versions matching "3.44.0"...
- Installing hashicorp/aws v3.44.0...
- Installed hashicorp/aws v3.44.0 (signed by HashiCorp)
Terraform has created a lock file .terraform.lock.hcl to record the provider
selections it made above. Include this file in your version control repository
so that Terraform can guarantee to make the same selections by default when
you run "terraform init" in the future.

Terraform has been successfully initialized!

You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.

If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.

Terraform Validation 🤖success

Validation Output

Success! The configuration is valid.

Terraform Plan 📖success

Show Plan (0 to add, 1 to change, 0 to destroy)

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  ~ update in-place

Terraform will perform the following actions:

  # aws_ecs_cluster.ecs-cluster will be updated in-place
  ~ resource "aws_ecs_cluster" "ecs-cluster" {
        id                 = "arn:aws:ecs:eu-west-2:[REDACTED_AWS_ACCOUNT_ID]:cluster/dev-nems-event-processor-ecs-cluster"
        name               = "dev-nems-event-processor-ecs-cluster"
        tags               = {
            "CreatedBy"   = "prm-deductions-nems-event-processor"
            "Environment" = "dev"
        }
        # (3 unchanged attributes hidden)

      + setting {
          + name  = "containerInsights"
          + value = "enabled"
        }
    }

Plan: 0 to add, 1 to change, 0 to destroy.

[github-actions]

Report for re-registration-service

Terraform Initialization ⚙️success

Initialization Output

Initializing the backend...

Successfully configured the backend "s3"! Terraform will automatically
use this backend unless the backend configuration changes.
Initializing provider plugins...
- Finding hashicorp/aws versions matching "3.44.0"...
- Installing hashicorp/aws v3.44.0...
- Installed hashicorp/aws v3.44.0 (signed by HashiCorp)
Terraform has created a lock file .terraform.lock.hcl to record the provider
selections it made above. Include this file in your version control repository
so that Terraform can guarantee to make the same selections by default when
you run "terraform init" in the future.

Terraform has been successfully initialized!

You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.

If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.

Terraform Validation 🤖success

Validation Output

Success! The configuration is valid.

Terraform Plan 📖success

Show Plan (0 to add, 1 to change, 0 to destroy)

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  ~ update in-place

Terraform will perform the following actions:

  # aws_ecs_cluster.ecs-cluster will be updated in-place
  ~ resource "aws_ecs_cluster" "ecs-cluster" {
        id                 = "arn:aws:ecs:eu-west-2:[REDACTED_AWS_ACCOUNT_ID]:cluster/dev-re-registration-service-ecs-cluster"
        name               = "dev-re-registration-service-ecs-cluster"
        tags               = {
            "CreatedBy"   = "prm-repo-re-registration-service"
            "Environment" = "dev"
        }
        # (3 unchanged attributes hidden)

      + setting {
          + name  = "containerInsights"
          + value = "enabled"
        }
    }

Plan: 0 to add, 1 to change, 0 to destroy.

[github-actions]

Report for suspension-service

Terraform Initialization ⚙️success

Initialization Output

Initializing the backend...

Successfully configured the backend "s3"! Terraform will automatically
use this backend unless the backend configuration changes.
Initializing modules...
- suspension-service in modules/suspension-service
Initializing provider plugins...
- Finding hashicorp/aws versions matching "5.59.0"...
- Finding latest version of hashicorp/archive...
- Installing hashicorp/aws v5.59.0...
- Installed hashicorp/aws v5.59.0 (signed by HashiCorp)
- Installing hashicorp/archive v2.7.1...
- Installed hashicorp/archive v2.7.1 (signed by HashiCorp)
Terraform has created a lock file .terraform.lock.hcl to record the provider
selections it made above. Include this file in your version control repository
so that Terraform can guarantee to make the same selections by default when
you run "terraform init" in the future.

Terraform has been successfully initialized!

You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.

If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.

Terraform Validation 🤖success

Validation Output

Success! The configuration is valid.

Terraform Plan 📖failure

Show Plan ()

module.suspension-service.data.archive_file.lambda: Reading...
module.suspension-service.data.archive_file.lambda: Read complete after 0s [id=a40735bd0ae66a3ce86b1c5f02a7ad3f9a0261f6]
data.aws_sns_topic.alarm_notifications: Reading...
module.suspension-service.data.aws_s3_bucket.access_logs: Reading...
module.suspension-service.data.aws_sns_topic.alarm_notifications: Reading...
data.aws_iam_policy_document.cloudwatch_metrics_policy_doc: Reading...
data.aws_ssm_parameter.deductions_private_vpc_id: Reading...
data.aws_caller_identity.current: Reading...
data.aws_ssm_parameter.repo_ods_code: Reading...
data.aws_ssm_parameter.dynamodb_prefix_list_id: Reading...
data.aws_iam_policy_document.sns_service_assume_role_policy: Reading...
data.aws_ssm_parameter.deductions_private_db_subnets: Reading...
data.aws_iam_policy_document.sns_service_assume_role_policy: Read complete after 0s [id=318828377]
data.aws_iam_policy_document.cloudwatch_metrics_policy_doc: Read complete after 0s [id=3149000521]
data.aws_ssm_parameter.s3_prefix_list_id: Reading...
data.aws_caller_identity.current: Read complete after 0s [id=[REDACTED_AWS_ACCOUNT_ID]]
module.suspension-service.data.aws_ssm_parameter.suspensions_kms_key_id: Reading...
data.aws_sns_topic.alarm_notifications: Read complete after 1s [id=arn:aws:sns:eu-west-2:[REDACTED_AWS_ACCOUNT_ID]:dev-alarm-notifications-sns-topic]
data.aws_iam_policy_document.sns_failure_feedback_policy: Reading...
data.aws_iam_policy_document.sns_failure_feedback_policy: Read complete after 0s [id=3494271637]
data.aws_ssm_parameter.safe_listed_ods_codes: Reading...
data.aws_ssm_parameter.s3_prefix_list_id: Read complete after 1s [id=/repo/dev/output/prm-deductions-infra/s3_prefix_list_id]
data.aws_ssm_parameter.deductions_private_vpc_id: Read complete after 1s [id=/repo/dev/output/prm-deductions-infra/private-vpc-id]
module.suspension-service.data.aws_ssm_parameter.suspensions_sns_topic_arn: Reading...
data.aws_ssm_parameter.deductions_private_private_subnets: Reading...
module.suspension-service.data.aws_sns_topic.alarm_notifications: Read complete after 1s [id=arn:aws:sns:eu-west-2:[REDACTED_AWS_ACCOUNT_ID]:dev-alarm-notifications-sns-topic]
data.aws_ssm_parameter.pds_adaptor_auth_key: Reading...
data.aws_ssm_parameter.deductions_private_db_subnets: Read complete after 1s [id=/repo/dev/output/prm-deductions-infra/deductions-private-database-subnets]
module.suspension-service.data.aws_caller_identity.current: Reading...
data.aws_ssm_parameter.dynamodb_prefix_list_id: Read complete after 1s [id=/repo/dev/output/prm-deductions-infra/dynamodb_prefix_list_id]
data.aws_iam_policy_document.kms_policy_doc: Reading...
data.aws_ssm_parameter.repo_ods_code: Read complete after 1s [id=/repo/dev/user-input/external/repository-ods-code]
data.aws_iam_policy_document.kms_policy_doc: Read complete after 0s [id=2252110784]
module.suspension-service.data.aws_iam_policy_document.assume_role: Reading...
module.suspension-service.data.aws_iam_policy_document.assume_role: Read complete after 0s [id=2690255455]
data.aws_ssm_parameter.environment_domain_name: Reading...
data.aws_iam_policy_document.ecs-assume-role-policy: Reading...
data.aws_iam_policy_document.ecs-assume-role-policy: Read complete after 0s [id=1077804475]
module.suspension-service.data.aws_caller_identity.current: Read complete after 0s [id=[REDACTED_AWS_ACCOUNT_ID]]
data.aws_ssm_parameter.safe_listed_ods_codes: Read complete after 0s [id=/repo/dev/user-input/external/safe-listed-ods-codes]
data.aws_ssm_parameter.deductions_private_private_subnets: Read complete after 0s [id=/repo/dev/output/prm-deductions-infra/deductions-private-private-subnets]
module.suspension-service.data.aws_ssm_parameter.suspensions_kms_key_id: Read complete after 1s [id=/repo/dev/output/prm-deductions-nems-event-processor/suspensions-kms-key-id]
data.aws_iam_policy_document.kms_key_policy_doc: Reading...
module.suspension-service.data.aws_ssm_parameter.suspensions_sns_topic_arn: Read complete after 0s [id=/repo/dev/output/nems-event-processor/suspensions-sns-topic-arn]
data.aws_ssm_parameter.environment_domain_name: Read complete after 0s [id=/repo/dev/output/prm-deductions-infra/environment-domain-name]
data.aws_iam_policy_document.kms_key_policy_doc: Read complete after 0s [id=220216613]
data.aws_vpc.private_vpc: Reading...
data.aws_ssm_parameter.pds_adaptor_auth_key: Read complete after 0s [id=/repo/dev/user-input/api-keys/pds-adaptor/suspension-service]
module.suspension-service.data.aws_s3_bucket.access_logs: Read complete after 1s [id=dev-orc-access-logs]
module.suspension-service.data.aws_iam_policy_document.kms_key_policy_doc: Reading...
module.suspension-service.data.aws_iam_policy_document.kms_key_policy_doc: Read complete after 0s [id=220216613]
data.aws_iam_policy_document.ecr_policy_doc: Reading...
data.aws_iam_policy_document.ecr_policy_doc: Read complete after 0s [id=1289991967]
data.aws_iam_policy_document.logs_policy_doc: Reading...
data.aws_iam_policy_document.logs_policy_doc: Read complete after 0s [id=1671441502]
data.aws_vpc.private_vpc: Read complete after 1s
data.aws_iam_policy_document.dynamodb-table-access: Reading...
data.aws_iam_policy_document.dynamodb-table-access: Read complete after 0s [id=357627877]
data.aws_iam_policy_document.sns_policy_doc: Reading...
data.aws_iam_policy_document.sns_policy_doc: Read complete after 0s [id=1342850970]

Planning failed. Terraform encountered an error while generating this plan.


Warning: Value for undeclared variable

The root module does not declare a variable named "common_account_id" but a
value was found in file "pipeline.auto.tfvars". If you meant to use this
value, add a "variable" block to the configuration.

To silence these warnings, use TF_VAR_... environment variables to provide
certain "global" settings to all configurations in your organization. To
reduce the verbosity of these warnings, use the -compact-warnings option.

Warning: Value for undeclared variable

The root module does not declare a variable named "common_account_role" but a
value was found in file "pipeline.auto.tfvars". If you meant to use this
value, add a "variable" block to the configuration.

To silence these warnings, use TF_VAR_... environment variables to provide
certain "global" settings to all configurations in your organization. To
reduce the verbosity of these warnings, use the -compact-warnings option.

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue.event_out_of_order_observability_queue" from
prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue.mof_updated_audit_splunk_dlq" from prior state:
unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue.mof_not_updated_audit_splunk_dlq" from prior
state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sns_topic_subscription.invalid_suspension" from prior
state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue.mof_not_updated" from prior state: unsupported
attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue.not_suspended_observability" from prior state:
unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue_policy.mof_updated_events_audit_subscription"
from prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sns_topic_subscription.mof_updated_audit" from prior
state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_cloudwatch_metric_alarm.suspension_mof_not_updated_audit"
from prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue.invalid_suspension" from prior state:
unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_cloudwatch_metric_alarm.suspension_not_suspended_audit"
from prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue_policy.not_suspended_events_subscription" from
prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sns_topic_subscription.deceased_patient" from prior
state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue.mof_not_updated_audit" from prior state:
unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue.invalid_suspension_audit" from prior state:
unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue.deceased_patient_audit" from prior state:
unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue_policy.invalid_suspension_subscription" from
prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue_policy.not_suspended_events_audit_subscription"
from prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue_policy.non_sensitive_deceased_subscription"
from prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding
"aws_sns_topic_subscription.event_out_of_order_observability_queue" from
prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue.event_out_of_order_audit" from prior state:
unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_ssm_parameter.mof_updated_queue" from prior state:
unsupported attribute "has_value_wo"

Warning: Failed to decode resource from state

Error decoding "aws_sns_topic_subscription.mof_not_updated" from prior state:
unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding
"aws_cloudwatch_metric_alarm.suspension_deceased_patient_audit" from prior
state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_ecs_service.ecs-service" from prior state: unsupported
attribute "arn"

Warning: Failed to decode resource from state

Error decoding "aws_ssm_parameter.not_suspended_observability_queue" from
prior state: unsupported attribute "has_value_wo"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue.not_suspended_audit_splunk_dlq" from prior
state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding
"aws_cloudwatch_metric_alarm.suspension_invalid_suspension_dlq_audit" from
prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue.invalid_suspension_splunk_dlq" from prior
state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_cloudwatch_metric_alarm.suspension_mof_updated_audit"
from prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sns_topic_subscription.mof_updated" from prior state:
unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding
"aws_sqs_queue_policy.mof_not_updated_events_audit_subscription" from prior
state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_iam_policy.suspensions_processor_sqs" from prior state:
unsupported attribute "delay_after_policy_creation_in_ms"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue.deceased_patient_audit_splunk_dlq" from prior
state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sns_topic_subscription.not_suspended" from prior state:
unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue_policy.event_out_of_order_audit_subscription"
from prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_cloudwatch_metric_alarm.suspension_out_of_order_audit"
from prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sns_topic_subscription.not_suspended_audit" from prior
state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue_policy.mof_not_updated_events_subscription"
from prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue_policy.mof_updated_events_subscription" from
prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue_policy.invalid_suspension_audit_subscription"
from prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue.deceased_patient" from prior state: unsupported
attribute "region"

Warning: Failed to decode resource from state

Error decoding
"aws_sqs_queue_policy.non_sensitive_deceased_audit_subscription" from prior
state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue.mof_updated_audit" from prior state:
unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_ecs_task_definition.task" from prior state: unsupported
attribute "enable_fault_injection"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue.event_out_of_order_audit_splunk_dlq" from prior
state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue.not_suspended_audit" from prior state:
unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sqs_queue.mof_updated" from prior state: unsupported
attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sns_topic_subscription.event_out_of_order_audit" from
prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sns_topic_subscription.mof_not_updated_audit" from prior
state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sns_topic_subscription.invalid_suspension_audit" from
prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "aws_sns_topic_subscription.deceased_patient_audit" from prior
state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding
"aws_sqs_queue_policy.event_out_of_order_observability_queue_subscription"
from prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding
"module.suspension-service.aws_ssm_parameter.suspensions_queue_name" from
prior state: unsupported attribute "has_value_wo"

Warning: Failed to decode resource from state

Error decoding
"module.suspension-service.aws_sqs_queue_policy.suspensions_subscription"
from prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding
"module.suspension-service.aws_sns_topic_subscription.suspensions_topic" from
prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding
"module.suspension-service.aws_sqs_queue.repo_incoming_observability_queue"
from prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "module.suspension-service.aws_sqs_queue.suspensions" from
prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding
"module.suspension-service.aws_cloudwatch_metric_alarm.suspensions_queue_age_of_message"
from prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding
"module.suspension-service.aws_sqs_queue_policy.repo_incoming_observability"
from prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding
"module.suspension-service.aws_s3_bucket_server_side_encryption_configuration.ingestion_bucket"
from prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding "module.suspension-service.aws_lambda_function.lambda" from
prior state: unsupported attribute "capacity_provider_config"

Warning: Failed to decode resource from state

Error decoding
"module.suspension-service.aws_ssm_parameter.suspensions_queue_arn" from
prior state: unsupported attribute "has_value_wo"

Warning: Failed to decode resource from state

Error decoding
"module.suspension-service.aws_iam_policy.suspensions_queue_send_message_policy"
from prior state: unsupported attribute "delay_after_policy_creation_in_ms"

Warning: Failed to decode resource from state

Error decoding
"module.suspension-service.aws_sns_topic_subscription.repo_incoming_observability_queue"
from prior state: unsupported attribute "region"

Warning: Failed to decode resource from state

Error decoding
"module.suspension-service.aws_s3_bucket_logging.ingestion_bucket" from prior
state: unsupported attribute "region"


Error: Resource instance managed by newer provider version

The current state of aws_sqs_queue.not_suspended_observability was created by
a newer provider version than is currently selected. Upgrade the aws provider
to work with this state.

Error: Resource instance managed by newer provider version

The current state of aws_sqs_queue.event_out_of_order_observability_queue was
created by a newer provider version than is currently selected. Upgrade the
aws provider to work with this state.

Error: Resource instance managed by newer provider version

The current state of aws_sqs_queue.mof_updated_audit_splunk_dlq was created
by a newer provider version than is currently selected. Upgrade the aws
provider to work with this state.

Error: Resource instance managed by newer provider version

The current state of aws_sqs_queue.mof_updated was created by a newer
provider version than is currently selected. Upgrade the aws provider to work
with this state.

Error: Resource instance managed by newer provider version

The current state of
module.suspension-service.aws_s3_bucket_server_side_encryption_configuration.ingestion_bucket
was created by a newer provider version than is currently selected. Upgrade
the aws provider to work with this state.

Error: Resource instance managed by newer provider version

The current state of aws_sqs_queue.event_out_of_order_audit_splunk_dlq was
created by a newer provider version than is currently selected. Upgrade the
aws provider to work with this state.

Error: Resource instance managed by newer provider version

The current state of aws_sqs_queue.invalid_suspension was created by a newer
provider version than is currently selected. Upgrade the aws provider to work
with this state.

Error: Resource instance managed by newer provider version

The current state of
module.suspension-service.aws_sqs_queue.repo_incoming_observability_queue was
created by a newer provider version than is currently selected. Upgrade the
aws provider to work with this state.

Error: Resource instance managed by newer provider version

The current state of module.suspension-service.aws_sqs_queue.suspensions was
created by a newer provider version than is currently selected. Upgrade the
aws provider to work with this state.

Error: Resource instance managed by newer provider version

The current state of aws_sqs_queue.mof_not_updated_audit_splunk_dlq was
created by a newer provider version than is currently selected. Upgrade the
aws provider to work with this state.

Error: Resource instance managed by newer provider version

The current state of
module.suspension-service.aws_s3_bucket_logging.ingestion_bucket was created
by a newer provider version than is currently selected. Upgrade the aws
provider to work with this state.

Error: Resource instance managed by newer provider version

The current state of aws_sqs_queue.deceased_patient_audit_splunk_dlq was
created by a newer provider version than is currently selected. Upgrade the
aws provider to work with this state.

Error: Resource instance managed by newer provider version

The current state of aws_sqs_queue.mof_not_updated was created by a newer
provider version than is currently selected. Upgrade the aws provider to work
with this state.

Error: Resource instance managed by newer provider version

The current state of aws_sqs_queue.invalid_suspension_splunk_dlq was created
by a newer provider version than is currently selected. Upgrade the aws
provider to work with this state.

Error: Resource instance managed by newer provider version

The current state of aws_sqs_queue.deceased_patient was created by a newer
provider version than is currently selected. Upgrade the aws provider to work
with this state.

Error: Resource instance managed by newer provider version

The current state of aws_sqs_queue.not_suspended_audit_splunk_dlq was created
by a newer provider version than is currently selected. Upgrade the aws
provider to work with this state.