Remove classic link options

[davidkelliott]

EC2-Classic networking has been retired and references to it have been
deprecated in the AWS provider -

hashicorp/terraform-provider-aws#23625

This change fixes deprecation warnings we started getting -

Warning: Argument is deprecated

  with module.vpc.aws_vpc.default,
  on ../../modules/vpc-hub/main.tf line 105, in resource "aws_vpc" "default":
 105:   enable_classiclink             = false

With the retirement of EC2-Classic the enable_classiclink attribute has been
deprecated and will be removed in a future version.

[github-actions]

TERRATEST RESULT - core-security
ok test 76.010s

[github-actions]

TERRAFORM PLAN RESULT - core-security
No changes. Your infrastructure matches the configuration.

[github-actions]

TFSEC Scan Success

Show Output

*****************************

TFSEC will check the following folders:
terraform/environments/core-network-services terraform/modules/vpc-hub

*****************************

Running TFSEC in terraform/environments/core-network-services
Excluding the following checks: aws-ssm-secret-use-customer-key,github-repositories-private,aws-vpc-no-excessive-port-access,github-repositories-require-signed-commits
  timings
  ──────────────────────────────────────────
  disk i/o             926.963µs
  parsing              1.135580008s
  adaptation           2.138836ms
  checks               716.696336ms
  total                1.855342143s

  counts
  ──────────────────────────────────────────
  modules downloaded   1
  modules processed    9
  blocks processed     266
  files read           46

  results
  ──────────────────────────────────────────
  passed               53
  ignored              56
  critical             0
  high                 0
  medium               0
  low                  0


No problems detected!

tfsec_exitcode=0

*****************************

Running TFSEC in terraform/modules/vpc-hub
Excluding the following checks: aws-ssm-secret-use-customer-key,github-repositories-private,aws-vpc-no-excessive-port-access,github-repositories-require-signed-commits
  timings
  ──────────────────────────────────────────
  disk i/o             148.008µs
  parsing              33.411328ms
  adaptation           956.761µs
  checks               363.737461ms
  total                398.253558ms

  counts
  ──────────────────────────────────────────
  modules downloaded   0
  modules processed    1
  blocks processed     56
  files read           4

  results
  ──────────────────────────────────────────
  passed               22
  ignored              21
  critical             0
  high                 0
  medium               0
  low                  0


No problems detected!

tfsec_exitcode=0

Checkov Scan Failed

Show Output

*****************************

Checkov will check the following folders:
terraform/environments/core-network-services terraform/modules/vpc-hub

*****************************

Running Checkov in terraform/environments/core-network-services
Excluding the following checks: CKV_GIT_1,CKV_AWS_126
2022-09-05 14:56:23,487 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-pagerduty-integration?ref=v1.0.0:None (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 111, Failed checks: 6, Skipped checks: 15

Check: CKV2_AWS_39: "Ensure Domain Name System (DNS) query logging is enabled for Amazon Route 53 hosted zones"
	FAILED for resource: aws_route53_zone.application_zones
	File: /route53.tf:28-39

		28 | resource "aws_route53_zone" "application_zones" {
		29 |   for_each = local.application-zones
		30 | 
		31 |   name = each.value
		32 | 
		33 |   tags = merge(
		34 |     local.tags,
		35 |     {
		36 |       Name = "${each.key}-hosted-zone"
		37 |     }
		38 |   )
		39 | }

Check: CKV2_AWS_39: "Ensure Domain Name System (DNS) query logging is enabled for Amazon Route 53 hosted zones"
	FAILED for resource: aws_route53_zone.modernisation-platform-internal
	File: /route53.tf:16-25

		16 | resource "aws_route53_zone" "modernisation-platform-internal" {
		17 | 
		18 |   name = local.modernisation-platform-internal-domain
		19 | 
		20 |   vpc {
		21 |     vpc_id = module.vpc_hub["live_data"].vpc_id
		22 |   }
		23 | 
		24 |   tags = local.tags
		25 | }

Check: CKV2_AWS_39: "Ensure Domain Name System (DNS) query logging is enabled for Amazon Route 53 hosted zones"
	FAILED for resource: aws_route53_zone.modernisation-platform
	File: /route53.tf:11-14

		11 | resource "aws_route53_zone" "modernisation-platform" {
		12 |   name = local.modernisation-platform-domain
		13 |   tags = local.tags
		14 | }

Check: CKV2_AWS_38: "Ensure Domain Name System Security Extensions (DNSSEC) signing is enabled for Amazon Route 53 public hosted zones"
	FAILED for resource: aws_route53_zone.application_zones
	File: /route53.tf:28-39

		28 | resource "aws_route53_zone" "application_zones" {
		29 |   for_each = local.application-zones
		30 | 
		31 |   name = each.value
		32 | 
		33 |   tags = merge(
		34 |     local.tags,
		35 |     {
		36 |       Name = "${each.key}-hosted-zone"
		37 |     }
		38 |   )
		39 | }

Check: CKV2_AWS_38: "Ensure Domain Name System Security Extensions (DNSSEC) signing is enabled for Amazon Route 53 public hosted zones"
	FAILED for resource: aws_route53_zone.modernisation-platform-internal
	File: /route53.tf:16-25

		16 | resource "aws_route53_zone" "modernisation-platform-internal" {
		17 | 
		18 |   name = local.modernisation-platform-internal-domain
		19 | 
		20 |   vpc {
		21 |     vpc_id = module.vpc_hub["live_data"].vpc_id
		22 |   }
		23 | 
		24 |   tags = local.tags
		25 | }

Check: CKV2_AWS_38: "Ensure Domain Name System Security Extensions (DNSSEC) signing is enabled for Amazon Route 53 public hosted zones"
	FAILED for resource: aws_route53_zone.modernisation-platform
	File: /route53.tf:11-14

		11 | resource "aws_route53_zone" "modernisation-platform" {
		12 |   name = local.modernisation-platform-domain
		13 |   tags = local.tags
		14 | }


checkov_exitcode=1

*****************************

Running Checkov in terraform/modules/vpc-hub
Excluding the following checks: CKV_GIT_1,CKV_AWS_126
terraform scan results:

Passed checks: 68, Failed checks: 0, Skipped checks: 1


checkov_exitcode=1

CTFLint Scan Success

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing `aws` plugin...
Installed `aws` (source: github.com/terraform-linters/tflint-ruleset-aws, version: 0.15.0)
tflint will check the following folders:
terraform/environments/core-network-services terraform/modules/vpc-hub

*****************************

Running tflint in terraform/environments/core-network-services
tflint_exitcode=0

*****************************

Running tflint in terraform/modules/vpc-hub
tflint_exitcode=0

[github-actions]

TERRATEST RESULT - core-shared-services
ok test 118.180s

[github-actions]

TERRATEST RESULT - core-network-services
ok test 125.780s

[github-actions]

TERRAFORM PLAN RESULT - core-shared-services
No changes. Your infrastructure matches the configuration.

[github-actions]

TERRATEST RESULT - core-logging
ok test 148.124s

[github-actions]

TERRAFORM PLAN RESULT - core-network-services
No changes. Your infrastructure matches the configuration.

[github-actions]

TERRAFORM PLAN RESULT - core-logging
Plan: 0 to add, 1 to change, 0 to destroy.