{"id":19847299,"url":"https://github.com/cds-snc/forms-terraform","last_synced_at":"2026-02-23T20:23:16.064Z","repository":{"id":37804028,"uuid":"319976193","full_name":"cds-snc/forms-terraform","owner":"cds-snc","description":"Infrastructure as Code for the GC Forms environment","archived":false,"fork":false,"pushed_at":"2025-08-22T00:18:32.000Z","size":8822,"stargazers_count":16,"open_issues_count":20,"forks_count":7,"subscribers_count":7,"default_branch":"main","last_synced_at":"2025-08-22T02:29:57.146Z","etag":null,"topics":["aws","terraform","terragrunt"],"latest_commit_sha":null,"homepage":"","language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cds-snc.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2020-12-09T14:09:23.000Z","updated_at":"2025-08-18T13:58:56.000Z","dependencies_parsed_at":"2024-03-17T02:33:57.948Z","dependency_job_id":"d02ddb4f-ba21-4a29-8e0c-8b423ea3cdb0","html_url":"https://github.com/cds-snc/forms-terraform","commit_stats":null,"previous_names":[],"tags_count":86,"template":false,"template_full_name":null,"purl":"pkg:github/cds-snc/forms-terraform","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cds-snc%2Fforms-terraform","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cds-snc%2Fforms-terraform/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cds-snc%2Fforms-terraform/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cds-snc%2Fforms-terraform/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cds-snc","download_url":"https://codeload.github.com/cds-snc/forms-terraform/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cds-snc%2Fforms-terraform/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":272696744,"owners_count":24978148,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-29T02:00:10.610Z","response_time":87,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","terraform","terragrunt"],"created_at":"2024-11-12T13:13:58.787Z","updated_at":"2026-02-23T20:23:16.004Z","avatar_url":"https://github.com/cds-snc.png","language":"HCL","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Forms Terraform\n\nInfrastructure as Code for the GC Forms environment.\n\n## Contributing\n\nPull Requests in this repository require all commits to be signed before they can be merged. Please see [this guide](https://docs.github.com/en/github/authenticating-to-github/managing-commit-signature-verification) for more information.\n\n## Prerequisites:\n\n- [Colima](https://github.com/abiosoft/colima)\n\n 1. Install Docker\n - `brew install docker docker-buildx docker-compose docker-credential-helper`\n 1. Modify the docker config file to use mac os keychain as `credStore`\n\n ```shell\n nano ~/.docker/config.json\n\n {\n ...\n \"credsStore\": \"osxkeychain\",\n ...\n }\n ```\n\n 1. Install Colima: `brew install colima`\n 1. Add symlink to `/var/run`\n\n ```shell\n\n # as /var/ is a protected directory, we will need sudo\n sudo ln ~/.colima/default/docker.sock /var/run\n\n # we can verify this has worked by running\n ls /var/run\n # and confirming that docker.sock is now in the directory\n ```\n\n 1. Colima can be set as a service to start on login: `brew services start colima`\n\n- Homebrew:\n\n ```bash\n /bin/bash -c \"$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)\"\n ```\n\n- Terragrunt:\n\n 1. `brew install warrensbox/tap/tfswitch`\n 1. `tfswitch 1.12.2`\n 1. `brew install warrensbox/tap/tgswitch`\n 1. `tgswitch 0.83.0`\n\n- Yarn (chances are you already have this if working on the app):\n\n ```shell\n $ brew install yarn\n ```\n\n- [AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html)\n\n 1. Install AWS CLI\n\n ```shell\n curl \"https://awscli.amazonaws.com/AWSCLIV2.pkg\" -o \"AWSCLIV2.pkg\"\n sudo installer -pkg AWSCLIV2.pkg -target /\n ```\n\n- [OpenVPN](https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage):\n\n - `$ brew install openvpn`\n - In `.zprofile` add bin to Path: `export PATH=\"/usr/local/opt/openvpn/sbin:$PATH\"`\n\n## Set your environment variables\n\nCreate an `.env` file at the root of the project and use the `.env.example` as a template. You can find some of the values in 1Password \u003e Local Development .ENV secure note.\n\n```shell\nAWS_ACCOUNT_ID=YOUR_AWS_SCRATCH_ACCOUNT_ID\nSTAGING_AWS_ACCOUNT_ID=CURRENT_STAGING_ACCOUNT_ID\n```\n\n## AWS CLI Crendentials\n\nAdd the following configuration to your `~/.aws/config` file\n\n- The `sso_start_url` value can be found by asking one or your colleages\n- The `sso_account_id` is your AWS Scratch Account ID\n\n```\n[sso-session CDS]\nsso_start_url = https://***********.awsapps.com/start#\nsso_region = ca-central-1\nsso_registration_scopes = sso:account:access\n[profile development]\nsso_session = CDS\nsso_account_id = ************\nsso_role_name = AWSAdministratorAccess\nregion = ca-central-1\noutput = json\n```\n\nOnce the configuration above is entered into the AWS CLI configuration a developer can generate credentials for the terminal by running:\n`aws sso login --profile development`\n\nThis will open a browser window and ask you to go through the regular AWS Console login process. Once completed, or if you have already logged in that day, you will be presented with a message notifying you that the credentials have been supplied to the CLI.\n\n## Building the Development Environment\n\n### Creating VPN certificates\n\nThe first time you set up the development environment you will need to create PKI certificates in order to connect into the AWS VPC. This step is only needed the first time you build the environment or you delete the certificate folders.\n\n```shell\n$ make create_certs\n```\n\n### Deploying infrastructure as code into your scratch account\n\nPlease ensure you have run `aws sso login --profile development` before continuing.\n\n```shell\n$ make build_env\n```\n\nCopy the variables at the end of the output, as seen below, into your application folder's `.env` file.\n\n```shell\nAll infratructure initialized: Ready for requests\n=\u003e Please copy the following to your app .env file:\nAWS_PROFILE=development\nDATABASE_URL=postgres://postgres:*********@forms-db-cluster.cluster-************.ca-central-1.rds.amazonaws.com:5432/forms?connect_timeout=60\nREDIS_URL=gcforms-redis-rep-group-001.******.0001.cac1.cache.amazonaws.com:6379\nRELIABILITY_FILE_STORAGE=forms-************-reliability-file-storage\nVAULT_FILE_STORAGE_BUCKET_NAME=forms-************-vault-file-storage\n```\n\n### Connecting your local development GCForms app\n\nThe following command creates a vpn tunnel from your local machine into the VPC of the scratch account. This allows your local development environment to connect to backend services like RDS, SQS, Lambdas, and all the other AWS services the GCForms app leverages.\n\n```shell\n$ make connect_env\n```\n\n### Destroying infrastructure as code in your scratch account\n\nTo remove all infrastructure as code that was deployed you can simply run the following:\n\n```shell\n$ make destroy_env\n```\n\nThis will remove all infrastructure created by terraform as well as terraform state and terraform lock resources. This will not remove any resources created by click ops in the AWS Console.\n\n## Containerized Lambda functions\n\nThe `deps.sh` script allows you to download required dependencies for all Lambda packages available under `/lambda-code`.\n\n```shell\n$ cd lambda-code/\n$ ./deps.sh install\n```\n\nOnce you have changed the code in one or multiple Lambda packages, you can leverage the `make lambdas` or `make lambda name=LAMBDA_NAME` commands. They will build, tag and push either all Lambda images or a specific image to your ECR as well as letting the Lambda service know that a new version of the code should be used.\n\n## Dynamo Database Table Schemas\n\n## [Optional] Glue ETL Job Tasks for Data Lake Extract\n\nAs it's generally unnecessary for Glue ETL Jobs to be running passively on Dev accounts, the service isn't built by default.\n\nTo build in the dev environment, build the environment as usual, then run :\n\n```shell\nmake build_module name=glue\n```\n\nThis will setup the Glue scripts to be run. They can then be accessed via the AWS Dashboard.\n\nFor more details see [Datalake Documentation](/docs/datalake.md)\n\n### Vault Table\n\n#### Table\n\n![Vault Table](./readme_images/Vault.png)\n\n#### StatusCreatedAt Global Secondary Index\n\nThis Index supports the future feature of the GCForms API. Essentially the ability to retrieve responses without using the Application Interface.\n![StatusCreatedAt Index](./readme_images/GSI_Vault_StatusCreatedAt.png)\n\n# Traduction en français à venir...\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcds-snc%2Fforms-terraform","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcds-snc%2Fforms-terraform","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcds-snc%2Fforms-terraform/lists"}