dms1981

Closing this one because so far as I can tell it was a duplicate of https://github.com/ministryofjustice/modernisation-platform/issues/2521 - this card is a bit less specific, but the goal of separating MP...

Hi @justinretzolk - the `var.vpc_id` ID was provided through a data call as the live use of this code was in a module. You can see the module [here](https://github.com/ministryofjustice/modernisation-platform/blob/main/terraform/modules/ram-ec2-retagging/main.tf). It's...

In short, if an application has gone live, there should be no use of the `migration` role.

I'll chase Julia to see what to do here; this might be closeable without our direct involvement.

I don't see anything in `bootstrap/member-bootstrap` covering a `MemberInfrastructureAccess` role in `eu-west-3` so this still appears to be required.

https://github.com/ministryofjustice/modernisation-platform/pull/6952 and https://github.com/ministryofjustice/modernisation-platform/pull/6959 both refer to this issue. In short, because the `sprinkler` account doesn't have SecurityHub enrollment for `eu-west-3`, this PR was causing the scheduled baselines job to fail....

Moved this back to draft as I identified a case where traffic was moving directly between the public subnet and a private address range

After looking through the VPC flow logs I could see a single exception. I'd need to confer with the responsible team, but something like this would be the likely way...

Added some extra handling for `xhibit-portal` requirements, but it's a very first-pass solution at present.

Is this potentially too broad? Is this ticket meant to cover the creation of a new alerting/notification module that we can use, or a one-off to cover alerting when certificates...