Razvan Cosma

Quick note - the needed routing is already done in https://github.com/ministryofjustice/transit-gateways/blob/master/terraform/transit-gateway/tgw-routes.tf#L135

this should address both the application itself and inform the users that ingress+modsecurity has its own log (can be defined using directives documented in https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual-(v3.x)#SecAuditLogParts)

@vijay-veeranki https://github.com/ministryofjustice/cloud-platform-terraform-alb-ingress-controller

https://medium.com/@anton.babenko/make-terraform-faster-skip-unnecessary-checks-aws-and-s3-3ab00df9c3a9 never tried it, 20% sounds nice!

Waiting for https://support.console.aws.amazon.com/support/home?region=eu-west-2#/case/?displayId=10591647471&language=en

https://docs.aws.amazon.com/efs/latest/ug/logging-using-cloudtrail.html says logs are different if encrypted, checking.. so far Cloudtrail has shown only ``` "userIdentity": { "type": "AWSAccount", "principalId": "", "accountId": "ANONYMOUS_PRINCIPAL" }, ``` no matter what I tried

After a conversation with AWS support, we are waiting for https://github.com/kubernetes-sigs/aws-efs-csi-driver/issues/280 Still blocked.

https://github.com/kubernetes-sigs/aws-efs-csi-driver/pull/777 release was broken :(

tried https://openunison.github.io/ - complex and docs too poor, solution doesn't seem ready for prime time yet and https://goteleport.com/ - complex, good docs, looks promising but the open source version only...

~waiting for https://us-east-1.console.aws.amazon.com/support/home?region=eu-west-2#/case/?displayId=10332130631&language=en~