W. W. Norton & Company Infrastructure Drift Report
82
Total Stacks
60
Clean
14
Drift Detected
8
Errors
accounts/development/acm-pca
CLEAN
accounts/development/acm
CLEAN
accounts/development/amazon-mq
CLEAN
accounts/development/cloudfront/drift-report
CLEAN
accounts/development/cloudwatch
CLEAN
accounts/development/config
CLEAN
accounts/development/elasticache
CLEAN
accounts/development/events
CLEAN
accounts/development/lambda
CLEAN
accounts/development/logs
CLEAN
accounts/development/memorydb
CLEAN
accounts/development/rds
CLEAN
accounts/development/route53
CLEAN
accounts/development/s3_to_loki
CLEAN
accounts/development/s3_users_secrets
CLEAN
accounts/development/s3
CLEAN
accounts/development/secretsmanager
CLEAN
accounts/development/sftp
CLEAN
accounts/development/sns
CLEAN
accounts/development/sqs
CLEAN
accounts/development/vpc
CLEAN
accounts/development/waf-ip-lists
CLEAN
accounts/development/ec2
DRIFT UNKNOWN CAUSE
Change may be older than the 90-day CloudTrail window, or this is Terraform code that has not been applied yet
View plan output
module.ec2.aws_security_group.wwnorton_networks["vpc-0db14c78307b70ca1"]: Refreshing state... [id=sg-037984cb045edb723]
module.ec2.aws_vpc_security_group_ingress_rule.allow_wwnorton_nyc_hf["vpc-0db14c78307b70ca1"]: Refreshing state... [id=sgr-02a29fe564d3f3eba]
module.ec2.aws_vpc_security_group_ingress_rule.allow_wwnorton_nyc_cogent["vpc-0db14c78307b70ca1"]: Refreshing state... [id=sgr-0688c9ef39b332819]
module.ec2.aws_vpc_security_group_ingress_rule.allow_wwnorton_nbc_att["vpc-0db14c78307b70ca1"]: Refreshing state... [id=sgr-02712a82bdc46987b]
module.ec2.aws_vpc_security_group_ingress_rule.allow_wwnorton_nbc_hf["vpc-0db14c78307b70ca1"]: Refreshing state... [id=sgr-0d66cdbf4eb17d68b]

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # module.ec2.aws_security_group.wwnorton_networks["vpc-0db14c78307b70ca1"] will be created
  + resource "aws_security_group" "wwnorton_networks" {
      + arn                    = (known after apply)
      + description            = "W.W. Norton networks"
      + egress                 = [
          + {
              + cidr_blocks      = [
                  + "0.0.0.0/0",
                ]
              + description      = ""
              + from_port        = 0
              + ipv6_cidr_blocks = []
              + prefix_list_ids  = []
              + protocol         = "-1"
              + security_groups  = []
              + self             = false
              + to_port          = 0
            },
        ]
      + id                     = (known after apply)
      + ingress                = (known after apply)
      + name                   = "W.W. Norton networks"
      + name_prefix            = (known after apply)
      + owner_id               = (known after apply)
      + revoke_rules_on_delete = false
      + tags                   = {
          + "Jira" = "ENG-175"
          + "Name" = "W.W. Norton networks"
        }
      + tags_all               = {
          + "Jira" = "ENG-175"
          + "Name" = "W.W. Norton networks"
        }
      + vpc_id                 = "vpc-0db14c78307b70ca1"
    }

  # module.ec2.aws_vpc_security_group_ingress_rule.allow_wwnorton_nbc_att["vpc-0db14c78307b70ca1"] will be created
  + resource "aws_vpc_security_group_ingress_rule" "allow_wwnorton_nbc_att" {
      + arn                    = (known after apply)
      + cidr_ipv4              = "12.40.28.128/27"
      + description            = "W.W. Norton - NBC ATT"
      + id                     = (known after apply)
      + ip_protocol            = "-1"
      + security_group_id      = (known after apply)
      + security_group_rule_id = (known after apply)
      + tags_all               = {}
    }

  # module.ec2.aws_vpc_security_group_ingress_rule.allow_wwnorton_nbc_hf["vpc-0db14c78307b70ca1"] will be created
  + resource "aws_vpc_security_group_ingress_rule" "allow_wwnorton_nbc_hf" {
      + arn                    = (known after apply)
      + cidr_ipv4              = "104.218.140.96/27"
      + description            = "W.W. Norton - NBC HF"
      + id                     = (known after apply)
      + ip_protocol            = "-1"
      + security_group_id      = (known after apply)
      + security_group_rule_id = (known after apply)
      + tags_all               = {}
    }

  # module.ec2.aws_vpc_security_group_ingress_rule.allow_wwnorton_nyc_cogent["vpc-0db14c78307b70ca1"] will be created
  + resource "aws_vpc_security_group_ingress_rule" "allow_wwnorton_nyc_cogent" {
      + arn                    = (known after apply)
      + cidr_ipv4              = "38.109.85.96/27"
      + description            = "W.W. Norton - NYC Cogent"
      + id                     = (known after apply)
      + ip_protocol            = "-1"
      + security_group_id      = (known after apply)
      + security_group_rule_id = (known after apply)
      + tags_all               = {}
    }

  # module.ec2.aws_vpc_security_group_ingress_rule.allow_wwnorton_nyc_hf["vpc-0db14c78307b70ca1"] will be created
  + resource "aws_vpc_security_group_ingress_rule" "allow_wwnorton_nyc_hf" {
      + arn                    = (known after apply)
      + cidr_ipv4              = "104.218.140.128/27"
      + description            = "W.W. Norton - NYC HF"
      + id                     = (known after apply)
      + ip_protocol            = "-1"
      + security_group_id      = (known after apply)
      + security_group_rule_id = (known after apply)
      + tags_all               = {}
    }

Plan: 5 to add, 0 to change, 0 to destroy.

Warning: AWS resource not found during refresh

  with module.ec2.aws_vpc_security_group_ingress_rule.allow_wwnorton_nyc_cogent["vpc-0db14c78307b70ca1"],
  on ../../../aws/ec2/securitygroups.tf line 21, in resource "aws_vpc_security_group_ingress_rule" "allow_wwnorton_nyc_cogent":
  21: resource "aws_vpc_security_group_ingress_rule" "allow_wwnorton_nyc_cogent" {

Automatically removing from Terraform State instead of returning the error,
which may trigger resource recreation. Original error: couldn't find resource

(and 3 more similar warnings elsewhere)

─────────────────────────────────────────────────────────────────────────────

Note: You didn't use the -out option to save this plan, so Terraform can't
guarantee to take exactly these actions if you run "terraform apply" now.
accounts/development/iam
DRIFT NON-AWS
Not tracked by AWS CloudTrail
View plan output
module.iam.aws_iam_policy.lambda_monitoring_vpn_routes_policy[0]: Refreshing state... [id=arn:aws:iam::637244866643:policy/lambda_monitoring_vpn_routes_policy_dev]
module.iam.data.aws_caller_identity.current: Reading...
module.iam.aws_iam_policy.lambda_security_exposed_key_ids_policy[0]: Refreshing state... [id=arn:aws:iam::637244866643:policy/lambda_security_exposed_key_ids_policy_dev]
module.iam.aws_iam_user.temporary_users["enrique-pennimpede"]: Refreshing state... [id=temp-enrique-pennimpede]
module.iam.aws_iam_policy.sftp_user_policy["r-console-data"]: Refreshing state... [id=arn:aws:iam::637244866643:policy/sftp_user_policy_r-console-data_dev]
module.iam.aws_iam_role.lambda_security_exposed_keywords_role[0]: Refreshing state... [id=lambda_security_exposed_keywords_role_dev]
module.iam.aws_iam_policy.s3_users_policy[1]: Refreshing state... [id=arn:aws:iam::637244866643:policy/s3_users_policy_r-console-data_dev]
module.iam.aws_iam_role.sftp_user_role["r-console-data"]: Refreshing state... [id=sftp_user_role_r-console-data_dev]
module.iam.aws_iam_role.lambda_security_exposed_key_ids_role[0]: Refreshing state... [id=lambda_security_exposed_key_ids_role_dev]
module.iam.aws_iam_role.vpc_client_vpn_endpoint_azure_clientvpn_role[0]: Refreshing state... [id=vpc_client_vpn_endpoint_azure_clientvpn_role_dev]
module.iam.data.aws_caller_identity.current: Read complete after 0s [id=637244866643]
module.iam.aws_iam_policy.gitlab_oidc_pipeline[0]: Refreshing state... [id=arn:aws:iam::637244866643:policy/platform-infra-pipeline-dev-policy]
module.iam.aws_iam_openid_connect_provider.gitlab[0]: Refreshing state... [id=arn:aws:iam::637244866643:oidc-provider/gitlab.com]
module.iam.aws_iam_policy.cloudwatch_apm_synthetics_canary_policy[0]: Refreshing state... [id=arn:aws:iam::637244866643:policy/cloudwatch_apm_synthetics_canary_policy_dev]
module.iam.aws_iam_role.lambda_monitoring_vpn_routes_role[0]: Refreshing state... [id=lambda_monitoring_vpn_routes_role_dev]
module.iam.aws_iam_policy.s3_users_policy[0]: Refreshing state... [id=arn:aws:iam::637244866643:policy/s3_users_policy_knewton_dev]
module.iam.aws_iam_user.temporary_users["francisco-carena"]: Refreshing state... [id=temp-francisco-carena]
module.iam.aws_iam_user.temporary_users["christoph-genster"]: Refreshing state... [id=temp-christoph-genster]
module.iam.aws_iam_role.cloudwatch_apm_synthetics_canary[0]: Refreshing state... [id=cloudwatch_apm_synthetics_canary_role]
data.aws_secretsmanager_secret.gitlab_access_token_secret: Reading...
module.iam.aws_iam_policy.gitlab_oidc_extra["cluster-manager"]: Refreshing state... [id=arn:aws:iam::637244866643:policy/cluster-manager-pipeline-dev-policy]
module.iam.aws_iam_policy.lambda_security_exposed_keywords_policy[0]: Refreshing state... [id=arn:aws:iam::637244866643:policy/lambda_security_exposed_keywords_policy_dev]
module.iam.aws_iam_saml_provider.saml_providers["0"]: Refreshing state... [id=arn:aws:iam::637244866643:saml-provider/Azure_AWS_ClientVPN]
module.iam.aws_iam_user.s3_users[0]: Refreshing state... [id=s3_knewton]
module.iam.aws_iam_user.s3_users[1]: Refreshing state... [id=s3_r_console_data]
data.aws_secretsmanager_secret.gitlab_access_token_secret: Read complete after 0s [id=arn:aws:secretsmanager:us-east-1:637244866643:secret:gitlab_access_token-TeW6uy]
module.iam.aws_iam_role_policy_attachment.vpc_client_vpn_endpoint_azure_clientvpn_policy_attachment[0]: Refreshing state... [id=vpc_client_vpn_endpoint_azure_clientvpn_role_dev-20250325210844841100000001]
module.iam.aws_iam_role_policy_attachment.sftp_user_policy_attachment["r-console-data"]: Refreshing state... [id=sftp_user_role_r-console-data_dev-20240722055656301600000001]
module.iam.aws_iam_policy.temporary_expiration_policy["francisco-carena"]: Refreshing state... [id=arn:aws:iam::637244866643:policy/temporary/temporary-expiration-francisco-carena-dev]
module.iam.aws_iam_policy.temporary_expiration_policy["christoph-genster"]: Refreshing state... [id=arn:aws:iam::637244866643:policy/temporary/temporary-expiration-christoph-genster-dev]
module.iam.aws_iam_policy.temporary_expiration_policy["enrique-pennimpede"]: Refreshing state... [id=arn:aws:iam::637244866643:policy/temporary/temporary-expiration-enrique-pennimpede-dev]
module.iam.aws_iam_role.gitlab_oidc_extra["cluster-manager"]: Refreshing state... [id=cluster-manager-pipeline-dev]
module.iam.aws_iam_role_policy_attachment.lambda_security_exposed_key_ids_policy_attachment[0]: Refreshing state... [id=lambda_security_exposed_key_ids_role_dev-20240602124043640100000001]
module.iam.aws_iam_role_policy_attachment.lambda_monitoring_vpn_routes_policy_attachment[0]: Refreshing state... [id=lambda_monitoring_vpn_routes_role_dev-20250328124350922500000001]
module.iam.aws_iam_user_login_profile.temporary_users_console["francisco-carena"]: Refreshing state... [id=temp-francisco-carena]
module.iam.aws_iam_access_key.temporary_users["francisco-carena"]: Refreshing state... [id=AKIAZIXWBABJQHVU54HS]
module.iam.aws_iam_role.gitlab_oidc_pipeline[0]: Refreshing state... [id=platform-infra-pipeline-dev]
module.iam.aws_iam_user_login_profile.temporary_users_console["christoph-genster"]: Refreshing state... [id=temp-christoph-genster]
module.iam.aws_iam_user_login_profile.temporary_users_console["enrique-pennimpede"]: Refreshing state... [id=temp-enrique-pennimpede]
module.iam.aws_iam_policy.temporary_user_policy["christoph-genster"]: Refreshing state... [id=arn:aws:iam::637244866643:policy/temporary/temporary-user-christoph-genster-policy-dev]
module.iam.aws_iam_access_key.temporary_users["christoph-genster"]: Refreshing state... [id=AKIAZIXWBABJ7JC7SR7X]
module.iam.aws_iam_access_key.temporary_users["enrique-pennimpede"]: Refreshing state... [id=AKIAZIXWBABJZH5UHGF3]
module.iam.aws_iam_policy.temporary_user_policy["enrique-pennimpede"]: Refreshing state... [id=arn:aws:iam::637244866643:policy/temporary/temporary-user-enrique-pennimpede-policy-dev]
module.iam.aws_iam_policy.temporary_user_policy["francisco-carena"]: Refreshing state... [id=arn:aws:iam::637244866643:policy/temporary/temporary-user-francisco-carena-policy-dev]
module.iam.aws_secretsmanager_secret.temporary_user_credentials["christoph-genster"]: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:637244866643:secret:temporary-user-christoph-genster-credentials-dev-81GEVu]
module.iam.aws_secretsmanager_secret.temporary_user_credentials["enrique-pennimpede"]: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:637244866643:secret:temporary-user-enrique-pennimpede-credentials-dev-WpjAOH]
module.iam.aws_secretsmanager_secret.temporary_user_credentials["francisco-carena"]: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:637244866643:secret:temporary-user-francisco-carena-credentials-dev-d3Zvcu]
module.iam.aws_iam_role_policy_attachment.canary_synthetics_full_access[0]: Refreshing state... [id=cloudwatch_apm_synthetics_canary_role-20250827134412080800000003]
module.iam.aws_iam_role_policy_attachment.canary_basic_execution[0]: Refreshing state... [id=cloudwatch_apm_synthetics_canary_role-20250827134412006500000002]
module.iam.aws_iam_role_policy_attachment.cloudwatch_apm_synthetics_canary_policy_attachment[0]: Refreshing state... [id=cloudwatch_apm_synthetics_canary_role-20250827134412005100000001]
module.iam.aws_iam_user_policy_attachment.s3_users_policy_attachment[1]: Refreshing state... [id=s3_r_console_data-20240718163653036700000001]
module.iam.aws_iam_access_key.s3_users[0]: Refreshing state... [id=AKIAZIXWBABJYG4BJNMG]
module.iam.aws_iam_user_policy_attachment.s3_users_policy_attachment[0]: Refreshing state... [id=s3_knewton-20240718162842215400000002]
module.iam.aws_iam_access_key.s3_users[1]: Refreshing state... [id=AKIAZIXWBABJ3HMQ2Z5W]
module.iam.aws_iam_role_policy_attachment.lambda_security_exposed_keywords_policy_attachment[0]: Refreshing state... [id=lambda_security_exposed_keywords_role_dev-20240808214324405200000002]
module.iam.aws_iam_user_policy_attachment.temporary_expiration_attachment["christoph-genster"]: Refreshing state... [id=temp-christoph-genster-20250606144325590400000006]
module.iam.data.aws_iam_policy_document.secrets_manager_policy[0]: Reading...
module.iam.aws_iam_user_policy_attachment.temporary_expiration_attachment["enrique-pennimpede"]: Refreshing state... [id=temp-enrique-pennimpede-20260625200542813600000002]
module.iam.data.aws_iam_policy_document.secrets_manager_policy[0]: Read complete after 0s [id=3810980726]
module.iam.aws_iam_role_policy_attachment.gitlab_oidc_extra["cluster-manager"]: Refreshing state... [id=cluster-manager-pipeline-dev-20260603144311595400000001]
module.iam.aws_iam_user_policy_attachment.temporary_expiration_attachment["francisco-carena"]: Refreshing state... [id=temp-francisco-carena-20250606144325520900000004]
module.iam.aws_iam_role_policy_attachment.gitlab_oidc_pipeline[0]: Refreshing state... [id=platform-infra-pipeline-dev-20260511151748211800000001]
module.iam.aws_secretsmanager_secret_version.temporary_user_credentials_version["christoph-genster"]: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:637244866643:secret:temporary-user-christoph-genster-credentials-dev-81GEVu|terraform-2025060614432563250000000c]
module.iam.aws_secretsmanager_secret_version.temporary_user_credentials_version["enrique-pennimpede"]: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:637244866643:secret:temporary-user-enrique-pennimpede-credentials-dev-WpjAOH|terraform-20260625200542718600000001]
module.iam.aws_secretsmanager_secret_version.temporary_user_credentials_version["francisco-carena"]: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:637244866643:secret:temporary-user-francisco-carena-credentials-dev-d3Zvcu|terraform-2025060614432562650000000a]
module.iam.aws_iam_user_policy_attachment.temporary_user_policy_attachment["christoph-genster"]: Refreshing state... [id=temp-christoph-genster-20250606144325612000000007]
module.iam.aws_iam_user_policy_attachment.temporary_user_policy_attachment["enrique-pennimpede"]: Refreshing state... [id=temp-enrique-pennimpede-20250606144325612600000008]
module.iam.aws_iam_user_policy_attachment.temporary_user_policy_attachment["francisco-carena"]: Refreshing state... [id=temp-francisco-carena-20250606144325623900000009]
module.iam.aws_iam_policy.lambda_secret_policy[0]: Refreshing state... [id=arn:aws:iam::637244866643:policy/lambda_secret_role_dev]
module.iam.data.aws_iam_policy_document.mongodbatlas_assume_role_trust[0]: Reading...
module.iam.data.aws_iam_policy_document.mongodbatlas_assume_role_trust[0]: Read complete after 0s [id=2320386112]
module.iam.aws_iam_role.mongodbatlas_assume_role[0]: Refreshing state... [id=mongodbatlas_assume_role_dev]
module.iam.aws_iam_role_policy_attachment.lambda_secret_policy_attachment_keywords[0]: Refreshing state... [id=lambda_security_exposed_keywords_role_dev-20240808214324376600000001]
module.iam.aws_iam_role_policy_attachment.lambda_secret_policy_attachment[0]: Refreshing state... [id=lambda_security_exposed_key_ids_role_dev-20240602124043746800000002]
module.iam.aws_iam_role_policy_attachment.mongodbatlas_assume_policy_attachment[0]: Refreshing state... [id=mongodbatlas_assume_role_dev-20250905174604513700000001]

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  ~ update in-place
 <= read (data resources)

Terraform will perform the following actions:

  # module.iam.data.aws_iam_policy_document.gitlab_oidc_extra_trust["cluster-manager"] will be read during apply
  # (depends on a resource or a module with changes pending)
 <= data "aws_iam_policy_document" "gitlab_oidc_extra_trust" {
      + id            = (known after apply)
      + json          = (known after apply)
      + minified_json = (known after apply)

      + statement {
          + actions = [
              + "sts:AssumeRoleWithWebIdentity",
            ]
          + effect  = "Allow"

          + condition {
              + test     = "StringEquals"
              + values   = [
                  + "https://gitlab.com",
                ]
              + variable = "gitlab.com:aud"
            }
          + condition {
              + test     = "StringLike"
              + values   = [
                  + "project_path:wwnorton/ops/cluster-manager:*",
                ]
              + variable = "gitlab.com:sub"
            }

          + principals {
              + identifiers = [
                  + "arn:aws:iam::637244866643:oidc-provider/gitlab.com",
                ]
              + type        = "Federated"
            }
        }
    }

  # module.iam.data.aws_iam_policy_document.gitlab_oidc_trust[0] will be read during apply
  # (depends on a resource or a module with changes pending)
 <= data "aws_iam_policy_document" "gitlab_oidc_trust" {
      + id            = (known after apply)
      + json          = (known after apply)
      + minified_json = (known after apply)

      + statement {
          + actions = [
              + "sts:AssumeRoleWithWebIdentity",
            ]
          + effect  = "Allow"

          + condition {
              + test     = "StringEquals"
              + values   = [
                  + "https://gitlab.com",
                ]
              + variable = "gitlab.com:aud"
            }
          + condition {
              + test     = "StringLike"
              + values   = [
                  + "project_path:wwnorton/ops/infrastructure:*",
                ]
              + variable = "gitlab.com:sub"
            }

          + principals {
              + identifiers = [
                  + "arn:aws:iam::637244866643:oidc-provider/gitlab.com",
                ]
              + type        = "Federated"
            }
        }
    }

  # module.iam.aws_iam_openid_connect_provider.gitlab[0] will be updated in-place
  ~ resource "aws_iam_openid_connect_provider" "gitlab" {
        id              = "arn:aws:iam::637244866643:oidc-provider/gitlab.com"
        tags            = {}
      ~ thumbprint_list = [
          - "d89e3bd43d5d909b47a18977aa9d5ce36cee184c",
        ]
        # (4 unchanged attributes hidden)
    }

  # module.iam.aws_iam_role.gitlab_oidc_extra["cluster-manager"] will be updated in-place
  ~ resource "aws_iam_role" "gitlab_oidc_extra" {
      ~ assume_role_policy    = jsonencode(
            {
              - Statement = [
                  - {
                      - Action    = "sts:AssumeRoleWithWebIdentity"
                      - Condition = {
                          - StringEquals = {
                              - "gitlab.com:aud" = "https://gitlab.com"
                            }
                          - StringLike   = {
                              - "gitlab.com:sub" = "project_path:wwnorton/ops/cluster-manager:*"
                            }
                        }
                      - Effect    = "Allow"
                      - Principal = {
                          - Federated = "arn:aws:iam::637244866643:oidc-provider/gitlab.com"
                        }
                    },
                ]
              - Version   = "2012-10-17"
            }
        ) -> (known after apply)
        id                    = "cluster-manager-pipeline-dev"
        name                  = "cluster-manager-pipeline-dev"
        tags                  = {
            "Description" = "GitLab OIDC pipeline role for cluster-manager in dev"
            "Environment" = "dev"
            "ManagedBy"   = "terraform"
            "Ticket"      = "PLAT-1039"
        }
        # (8 unchanged attributes hidden)
    }

  # module.iam.aws_iam_role.gitlab_oidc_pipeline[0] will be updated in-place
  ~ resource "aws_iam_role" "gitlab_oidc_pipeline" {
      ~ assume_role_policy    = jsonencode(
            {
              - Statement = [
                  - {
                      - Action    = "sts:AssumeRoleWithWebIdentity"
                      - Condition = {
                          - StringEquals = {
                              - "gitlab.com:aud" = "https://gitlab.com"
                            }
                          - StringLike   = {
                              - "gitlab.com:sub" = "project_path:wwnorton/ops/infrastructure:*"
                            }
                        }
                      - Effect    = "Allow"
                      - Principal = {
                          - Federated = "arn:aws:iam::637244866643:oidc-provider/gitlab.com"
                        }
                    },
                ]
              - Version   = "2012-10-17"
            }
        ) -> (known after apply)
        id                    = "platform-infra-pipeline-dev"
        name                  = "platform-infra-pipeline-dev"
        tags                  = {
            "Description" = "GitLab OIDC pipeline role for dev"
            "Environment" = "dev"
            "ManagedBy"   = "terraform"
            "Ticket"      = "PLAT-993"
        }
        # (8 unchanged attributes hidden)
    }

Plan: 0 to add, 3 to change, 0 to destroy.

─────────────────────────────────────────────────────────────────────────────

Note: You didn't use the -out option to save this plan, so Terraform can't
guarantee to take exactly these actions if you run "terraform apply" now.
accounts/development/waf
DRIFT UNKNOWN CAUSE
Change may be older than the 90-day CloudTrail window, or this is Terraform code that has not been applied yet
View plan output
module.waf.data.aws_region.current: Reading...
module.waf.aws_cloudwatch_log_group.waf[0]: Refreshing state... [id=aws-waf-logs-norton-waf-dev-testing]
module.waf.data.aws_caller_identity.current: Reading...
module.waf.data.aws_region.current: Read complete after 0s [id=us-east-1]
module.waf.data.aws_caller_identity.current: Read complete after 0s [id=637244866643]
module.waf.aws_cloudwatch_log_resource_policy.waf[0]: Refreshing state... [id=waf-logs-norton-waf-dev-testing]
module.waf.aws_wafv2_web_acl.this: Refreshing state... [id=15f5f80e-9d7c-4bef-a269-e4d114799e6b]
module.waf.aws_wafv2_web_acl_logging_configuration.this[0]: Refreshing state... [id=arn:aws:wafv2:us-east-1:637244866643:regional/webacl/norton-waf-dev-testing/15f5f80e-9d7c-4bef-a269-e4d114799e6b]

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  ~ update in-place

Terraform will perform the following actions:

  # module.waf.aws_wafv2_web_acl.this will be updated in-place
  ~ resource "aws_wafv2_web_acl" "this" {
        id            = "15f5f80e-9d7c-4bef-a269-e4d114799e6b"
        name          = "norton-waf-dev-testing"
        tags          = {
            "Environment" = "dev"
            "ManagedBy"   = "Terraform"
            "Name"        = "norton-waf-dev-testing"
        }
        # (7 unchanged attributes hidden)

      - rule {
          - name     = "AWSManagedRulesBotControlRuleSet" -> null
          - priority = 1 -> null

          - override_action {
              - count {}
            }

          - statement {
              - managed_rule_group_statement {
                  - name        = "AWSManagedRulesBotControlRuleSet" -> null
                  - vendor_name = "AWS" -> null

                  - managed_rule_group_configs {
                      - aws_managed_rules_bot_control_rule_set {
                          - enable_machine_learning = false -> null
                          - inspection_level        = "COMMON" -> null
                        }
                    }

                  - rule_action_override {
                      - name = "SignalNonBrowserUserAgent" -> null

                      - action_to_use {
                          - count {
                            }
                        }
                    }
                  - rule_action_override {
                      - name = "SignalKnownBotDataCenter" -> null

                      - action_to_use {
                          - count {
                            }
                        }
                    }
                  - rule_action_override {
                      - name = "SignalAutomatedBrowser" -> null

                      - action_to_use {
                          - count {
                            }
                        }
                    }
                  - rule_action_override {
                      - name = "CategoryAdvertising" -> null

                      - action_to_use {
                          - count {
                            }
                        }
                    }
                  - rule_action_override {
                      - name = "CategoryArchiver" -> null

                      - action_to_use {
                          - count {
                            }
                        }
                    }
                  - rule_action_override {
                      - name = "CategoryContentFetcher" -> null

                      - action_to_use {
                          - count {
                            }
                        }
                    }
                  - rule_action_override {
                      - name = "CategoryEmailClient" -> null

                      - action_to_use {
                          - count {
                            }
                        }
                    }
                  - rule_action_override {
                      - name = "CategoryHttpLibrary" -> null

                      - action_to_use {
                          - count {
                            }
                        }
                    }
                  - rule_action_override {
                      - name = "CategoryLinkChecker" -> null

                      - action_to_use {
                          - count {
                            }
                        }
                    }
                  - rule_action_override {
                      - name = "CategoryMiscellaneous" -> null

                      - action_to_use {
                          - count {
                            }
                        }
                    }
                  - rule_action_override {
                      - name = "CategoryScrapingFramework" -> null

                      - action_to_use {
                          - count {
                            }
                        }
                    }
                  - rule_action_override {
                      - name = "CategoryMonitoring" -> null

                      - action_to_use {
                          - count {
                            }
                        }
                    }
                  - rule_action_override {
                      - name = "CategorySearchEngine" -> null

                      - action_to_use {
                          - count {
                            }
                        }
                    }
                  - rule_action_override {
                      - name = "CategorySecurity" -> null

                      - action_to_use {
                          - count {
                            }
                        }
                    }
                  - rule_action_override {
                      - name = "CategorySeo" -> null

                      - action_to_use {
                          - count {
                            }
                        }
                    }
                  - rule_action_override {
                      - name = "CategorySocialMedia" -> null

                      - action_to_use {
                          - count {
                            }
                        }
                    }
                  - rule_action_override {
                      - name = "CategoryAI" -> null

                      - action_to_use {
                          - count {
                            }
                        }
                    }
                }
            }

          - visibility_config {
              - cloudwatch_metrics_enabled = true -> null
              - metric_name                = "AWSManagedRulesBotControlRuleSet" -> null
              - sampled_requests_enabled   = true -> null
            }
        }
      + rule {
          + name     = "AWSManagedRulesBotControlRuleSet"
          + priority = 1

          + override_action {
              + count {}
            }

          + statement {
              + managed_rule_group_statement {
                  + name        = "AWSManagedRulesBotControlRuleSet"
                  + vendor_name = "AWS"

                  + managed_rule_group_configs {
                      + aws_managed_rules_bot_control_rule_set {
                          + enable_machine_learning = true
                          + inspection_level        = "COMMON"
                        }
                    }
                }
            }

          + visibility_config {
              + cloudwatch_metrics_enabled = true
              + metric_name                = "AWSManagedRulesBotControlRuleSet"
              + sampled_requests_enabled   = true
            }
        }

        # (2 unchanged blocks hidden)
    }

Plan: 0 to add, 1 to change, 0 to destroy.

─────────────────────────────────────────────────────────────────────────────

Note: You didn't use the -out option to save this plan, so Terraform can't
guarantee to take exactly these actions if you run "terraform apply" now.
accounts/digitalqa/config
DRIFT UNKNOWN CAUSE
Change may be older than the 90-day CloudTrail window, or this is Terraform code that has not been applied yet
View plan output
module.aws_config.data.aws_iam_policy_document.config_assume: Reading...
data.aws_caller_identity.current: Reading...
module.aws_config.data.aws_partition.current: Reading...
module.aws_config.data.aws_region.current: Reading...
module.aws_config.data.aws_caller_identity.current: Reading...
module.aws_config.data.aws_partition.current: Read complete after 0s [id=aws]
module.aws_config.data.aws_iam_policy_document.config_assume: Read complete after 0s [id=607352202]
module.aws_config.data.aws_caller_identity.current: Read complete after 0s [id=524824121587]
module.aws_config.data.aws_region.current: Read complete after 1s [id=us-east-1]
data.aws_caller_identity.current: Read complete after 1s [id=524824121587]
module.aws_config.data.aws_iam_policy_document.config_s3_delivery: Reading...
module.aws_config.data.aws_iam_policy_document.config_s3_delivery: Read complete after 0s [id=2936154814]

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # module.aws_config.aws_config_config_rule.this["iam_password_policy"] will be created
  + resource "aws_config_config_rule" "this" {
      + arn                         = (known after apply)
      + id                          = (known after apply)
      + input_parameters            = jsonencode(
            {
              + MaxPasswordAge             = "90"
              + MinimumPasswordLength      = "14"
              + RequireLowercaseCharacters = "true"
              + RequireNumbers             = "true"
              + RequireSymbols             = "true"
              + RequireUppercaseCharacters = "true"
            }
        )
      + maximum_execution_frequency = "TwentyFour_Hours"
      + name                        = "iam_password_policy"
      + rule_id                     = (known after apply)
      + tags                        = {
          + "Environment" = "digitalqa"
          + "ManagedBy"   = "terraform"
          + "Owner"       = "platform"
        }
      + tags_all                    = {
          + "Environment" = "digitalqa"
          + "ManagedBy"   = "terraform"
          + "Owner"       = "platform"
        }

      + source {
          + owner             = "AWS"
          + source_identifier = "IAM_PASSWORD_POLICY"
        }
    }

  # module.aws_config.aws_config_config_rule.this["s3_bucket_public_read_prohibited"] will be created
  + resource "aws_config_config_rule" "this" {
      + arn      = (known after apply)
      + id       = (known after apply)
      + name     = "s3_bucket_public_read_prohibited"
      + rule_id  = (known after apply)
      + tags     = {
          + "Environment" = "digitalqa"
          + "ManagedBy"   = "terraform"
          + "Owner"       = "platform"
        }
      + tags_all = {
          + "Environment" = "digitalqa"
          + "ManagedBy"   = "terraform"
          + "Owner"       = "platform"
        }

      + source {
          + owner             = "AWS"
          + source_identifier = "S3_BUCKET_PUBLIC_READ_PROHIBITED"
        }
    }

  # module.aws_config.aws_config_configuration_recorder.this will be created
  + resource "aws_config_configuration_recorder" "this" {
      + id       = (known after apply)
      + name     = "default"
      + role_arn = (known after apply)

      + recording_group {
          + all_supported                 = true
          + include_global_resource_types = true
        }

      + recording_mode {
          + recording_frequency = "DAILY"
        }
    }

  # module.aws_config.aws_config_configuration_recorder_status.this will be created
  + resource "aws_config_configuration_recorder_status" "this" {
      + id         = (known after apply)
      + is_enabled = true
      + name       = "default"
    }

  # module.aws_config.aws_config_delivery_channel.this will be created
  + resource "aws_config_delivery_channel" "this" {
      + id             = (known after apply)
      + name           = "default"
      + s3_bucket_name = "aws-config-bucket-524824121587"
      + s3_key_prefix  = "config"

      + snapshot_delivery_properties {
          + delivery_frequency = "TwentyFour_Hours"
        }
    }

  # module.aws_config.aws_iam_role.config_service[0] will be created
  + resource "aws_iam_role" "config_service" {
      + arn                   = (known after apply)
      + assume_role_policy    = jsonencode(
            {
              + Statement = [
                  + {
                      + Action    = "sts:AssumeRole"
                      + Effect    = "Allow"
                      + Principal = {
                          + Service = "config.amazonaws.com"
                        }
                    },
                ]
              + Version   = "2012-10-17"
            }
        )
      + create_date           = (known after apply)
      + force_detach_policies = false
      + id                    = (known after apply)
      + managed_policy_arns   = (known after apply)
      + max_session_duration  = 3600
      + name                  = "aws-config-service-role-digitalqa"
      + name_prefix           = (known after apply)
      + path                  = "/"
      + tags                  = {
          + "Environment" = "digitalqa"
          + "ManagedBy"   = "terraform"
          + "Owner"       = "platform"
        }
      + tags_all              = {
          + "Environment" = "digitalqa"
          + "ManagedBy"   = "terraform"
          + "Owner"       = "platform"
        }
      + unique_id             = (known after apply)
    }

  # module.aws_config.aws_iam_role_policy.config_s3_delivery[0] will be created
  + resource "aws_iam_role_policy" "config_s3_delivery" {
      + id          = (known after apply)
      + name        = "config-s3-delivery-digitalqa"
      + name_prefix = (known after apply)
      + policy      = jsonencode(
            {
              + Statement = [
                  + {
                      + Action   = "s3:GetBucketAcl"
                      + Effect   = "Allow"
                      + Resource = "arn:aws:s3:::aws-config-bucket-524824121587"
                      + Sid      = "ConfigBucketAcl"
                    },
                  + {
                      + Action    = "s3:PutObject"
                      + Condition = {
                          + StringEquals = {
                              + "s3:x-amz-acl" = "bucket-owner-full-control"
                            }
                        }
                      + Effect    = "Allow"
                      + Resource  = "arn:aws:s3:::aws-config-bucket-524824121587/config/AWSLogs/524824121587/Config/*"
                      + Sid       = "ConfigObjectDelivery"
                    },
                ]
              + Version   = "2012-10-17"
            }
        )
      + role        = (known after apply)
    }

  # module.aws_config.aws_iam_role_policy_attachment.config_managed[0] will be created
  + resource "aws_iam_role_policy_attachment" "config_managed" {
      + id         = (known after apply)
      + policy_arn = "arn:aws:iam::aws:policy/service-role/AWS_ConfigRole"
      + role       = "aws-config-service-role-digitalqa"
    }

Plan: 8 to add, 0 to change, 0 to destroy.

─────────────────────────────────────────────────────────────────────────────

Note: You didn't use the -out option to save this plan, so Terraform can't
guarantee to take exactly these actions if you run "terraform apply" now.
accounts/digitalqa/iam
DRIFT NON-AWS
Not tracked by AWS CloudTrail
View plan output
module.iam.aws_iam_openid_connect_provider.gitlab[0]: Refreshing state... [id=arn:aws:iam::524824121587:oidc-provider/gitlab.com]
module.iam.aws_iam_policy.gitlab_oidc_pipeline[0]: Refreshing state... [id=arn:aws:iam::524824121587:policy/platform-infra-pipeline-digitalqa-policy]
module.iam.data.aws_caller_identity.current: Reading...
module.iam.data.aws_caller_identity.current: Read complete after 0s [id=524824121587]
module.iam.aws_iam_role.gitlab_oidc_pipeline[0]: Refreshing state... [id=platform-infra-pipeline-digitalqa]
module.iam.aws_iam_role_policy_attachment.gitlab_oidc_pipeline[0]: Refreshing state... [id=platform-infra-pipeline-digitalqa-20260511163214732500000001]

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  ~ update in-place
 <= read (data resources)

Terraform will perform the following actions:

  # module.iam.data.aws_iam_policy_document.gitlab_oidc_trust[0] will be read during apply
  # (depends on a resource or a module with changes pending)
 <= data "aws_iam_policy_document" "gitlab_oidc_trust" {
      + id            = (known after apply)
      + json          = (known after apply)
      + minified_json = (known after apply)

      + statement {
          + actions = [
              + "sts:AssumeRoleWithWebIdentity",
            ]
          + effect  = "Allow"

          + condition {
              + test     = "StringEquals"
              + values   = [
                  + "https://gitlab.com",
                ]
              + variable = "gitlab.com:aud"
            }
          + condition {
              + test     = "StringLike"
              + values   = [
                  + "project_path:wwnorton/ops/infrastructure:*",
                ]
              + variable = "gitlab.com:sub"
            }

          + principals {
              + identifiers = [
                  + "arn:aws:iam::524824121587:oidc-provider/gitlab.com",
                ]
              + type        = "Federated"
            }
        }
    }

  # module.iam.aws_iam_openid_connect_provider.gitlab[0] will be updated in-place
  ~ resource "aws_iam_openid_connect_provider" "gitlab" {
        id              = "arn:aws:iam::524824121587:oidc-provider/gitlab.com"
        tags            = {}
      ~ thumbprint_list = [
          - "d89e3bd43d5d909b47a18977aa9d5ce36cee184c",
        ]
        # (4 unchanged attributes hidden)
    }

  # module.iam.aws_iam_role.gitlab_oidc_pipeline[0] will be updated in-place
  ~ resource "aws_iam_role" "gitlab_oidc_pipeline" {
      ~ assume_role_policy    = jsonencode(
            {
              - Statement = [
                  - {
                      - Action    = "sts:AssumeRoleWithWebIdentity"
                      - Condition = {
                          - StringEquals = {
                              - "gitlab.com:aud" = "https://gitlab.com"
                            }
                          - StringLike   = {
                              - "gitlab.com:sub" = "project_path:wwnorton/ops/infrastructure:*"
                            }
                        }
                      - Effect    = "Allow"
                      - Principal = {
                          - Federated = "arn:aws:iam::524824121587:oidc-provider/gitlab.com"
                        }
                    },
                ]
              - Version   = "2012-10-17"
            }
        ) -> (known after apply)
        id                    = "platform-infra-pipeline-digitalqa"
        name                  = "platform-infra-pipeline-digitalqa"
        tags                  = {
            "Description" = "GitLab OIDC pipeline role for digitalqa"
            "Environment" = "digitalqa"
            "ManagedBy"   = "terraform"
            "Ticket"      = "PLAT-993"
        }
        # (8 unchanged attributes hidden)
    }

Plan: 0 to add, 2 to change, 0 to destroy.

─────────────────────────────────────────────────────────────────────────────

Note: You didn't use the -out option to save this plan, so Terraform can't
guarantee to take exactly these actions if you run "terraform apply" now.
accounts/digitalqa/s3
ERROR NO AUDIT
View plan output
module.s3.aws_s3_bucket.s3_buckets["aws-config-bucket-524824121587"]: Refreshing state... [id=aws-config-bucket-524824121587]
module.s3.aws_s3_bucket_versioning.versioning["aws-config-bucket-524824121587"]: Refreshing state... [id=aws-config-bucket-524824121587]
module.s3.aws_s3_bucket_policy.custom_policies["aws-config-bucket-524824121587"]: Refreshing state... [id=aws-config-bucket-524824121587]
module.s3.aws_s3_bucket_server_side_encryption_configuration.encryption["aws-config-bucket-524824121587"]: Refreshing state... [id=aws-config-bucket-524824121587]

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  + create

Terraform planned the following actions, but then encountered a problem:

  # module.s3.aws_s3_bucket.s3_buckets["aws-config-bucket-524824121587"] will be created
  + resource "aws_s3_bucket" "s3_buckets" {
      + acceleration_status         = (known after apply)
      + acl                         = (known after apply)
      + arn                         = (known after apply)
      + bucket                      = "aws-config-bucket-524824121587"
      + bucket_domain_name          = (known after apply)
      + bucket_prefix               = (known after apply)
      + bucket_regional_domain_name = (known after apply)
      + force_destroy               = true
      + hosted_zone_id              = (known after apply)
      + id                          = (known after apply)
      + object_lock_enabled         = (known after apply)
      + policy                      = (known after apply)
      + region                      = (known after apply)
      + request_payer               = (known after apply)
      + tags_all                    = (known after apply)
      + website_domain              = (known after apply)
      + website_endpoint            = (known after apply)
    }

Plan: 1 to add, 0 to change, 0 to destroy.

Error: reading S3 Bucket Versioning (aws-config-bucket-524824121587): operation error S3: GetBucketVersioning, https response error StatusCode: 403, RequestID: 6P8X9GDH77D3RYJC, HostID: 4fvsbuHIWR0ewV0tTLgkSqqsoUnRll+Cf7T2OghG7anpkKDg0Ar5QwfpZq9Y9RlJnl9C1+7rd5N9N8DwnmIUVoO+JV406kId, api error AccessDenied: User: arn:aws:sts::524824121587:assumed-role/platform-infra-pipeline-digitalqa/gl-drift-15258360403 is not authorized to perform: s3:GetBucketVersioning on resource: "arn:aws:s3:::aws-config-bucket-524824121587" because no resource-based policy allows the s3:GetBucketVersioning action

  with module.s3.aws_s3_bucket_versioning.versioning["aws-config-bucket-524824121587"],
  on ../../../aws/s3/s3.tf line 12, in resource "aws_s3_bucket_versioning" "versioning":
  12: resource "aws_s3_bucket_versioning" "versioning" {


Error: reading S3 Bucket Server-side Encryption Configuration (aws-config-bucket-524824121587): operation error S3: GetBucketEncryption, https response error StatusCode: 403, RequestID: VCHSH12Y41JD7B1V, HostID: 7482xOlydxX2tQI0Iti1xkFVGgkZSb75MJnRmRz4/LkbtYtuGMj9CTCasLpJI/eMrzReu+pgyOw6eD+2yeDOMXu3Cmfxxs7M, api error AccessDenied: User: arn:aws:sts::524824121587:assumed-role/platform-infra-pipeline-digitalqa/gl-drift-15258360403 is not authorized to perform: s3:GetEncryptionConfiguration on resource: "arn:aws:s3:::aws-config-bucket-524824121587" because no resource-based policy allows the s3:GetEncryptionConfiguration action

  with module.s3.aws_s3_bucket_server_side_encryption_configuration.encryption["aws-config-bucket-524824121587"],
  on ../../../aws/s3/s3.tf line 25, in resource "aws_s3_bucket_server_side_encryption_configuration" "encryption":
  25: resource "aws_s3_bucket_server_side_encryption_configuration" "encryption" {


Error: reading S3 Bucket Policy (aws-config-bucket-524824121587): operation error S3: GetBucketPolicy, https response error StatusCode: 403, RequestID: VCHZQNFNKB33G2R4, HostID: ianHK6/QgbsQl4wH1hb4WFOowG+gxj5M7V1EtmzeJg9alBdDVQGgZczmMg97cUkijLwdVXZ2AVhevv0p4peq66W8lRNxifsd, api error AccessDenied: User: arn:aws:sts::524824121587:assumed-role/platform-infra-pipeline-digitalqa/gl-drift-15258360403 is not authorized to perform: s3:GetBucketPolicy on resource: "arn:aws:s3:::aws-config-bucket-524824121587" because no resource-based policy allows the s3:GetBucketPolicy action

  with module.s3.aws_s3_bucket_policy.custom_policies["aws-config-bucket-524824121587"],
  on ../../../aws/s3/s3.tf line 127, in resource "aws_s3_bucket_policy" "custom_policies":
 127: resource "aws_s3_bucket_policy" "custom_policies" {
accounts/editorial/cloudfront/amerpoltoday9
CLEAN
accounts/editorial/cloudfront/enjmus15
CLEAN
accounts/editorial/cloudfront/essphysgeo-interactives
CLEAN
accounts/editorial/cloudfront/esssoc10
CLEAN
accounts/editorial/cloudfront/gateways5
CLEAN
accounts/editorial/cloudfront/govtex8-interactives
CLEAN
accounts/editorial/cloudfront/interactivepsych3-interactives
CLEAN
accounts/editorial/cloudfront/interactives-cms-pilot
CLEAN
accounts/editorial/cloudfront/interactives-kit-v2
CLEAN
accounts/editorial/cloudfront/jazz3ess-interactives
CLEAN
accounts/editorial/cloudfront/journeypsych-interactives
CLEAN
accounts/editorial/cloudfront/psychsci8
CLEAN
accounts/editorial/cloudfront/resmeth5-interactives
CLEAN
accounts/editorial/cloudfront/thesetruths2-interactives
CLEAN
accounts/editorial/cloudfront/webs3
CLEAN
accounts/editorial/cloudfront/westciv7
CLEAN
accounts/editorial/cloudfront/wethepeople16-interactives
CLEAN
accounts/editorial/cloudfront/whatsound7
CLEAN
accounts/editorial/cloudfront/worldstogether8-interactives
CLEAN
accounts/editorial/cloudfront/writing-activity-interactives
CLEAN
accounts/editorial/cloudfront/wtwa8
CLEAN
accounts/editorial/config
CLEAN
accounts/editorial/s3
CLEAN
accounts/editorial/iam
DRIFT NON-AWS
Not tracked by AWS CloudTrail
View plan output
module.iam.aws_iam_openid_connect_provider.gitlab[0]: Refreshing state... [id=arn:aws:iam::624967411599:oidc-provider/gitlab.com]
module.iam.aws_iam_policy.gitlab_oidc_pipeline[0]: Refreshing state... [id=arn:aws:iam::624967411599:policy/platform-infra-pipeline-editorial-policy]
module.iam.data.aws_caller_identity.current: Reading...
module.iam.data.aws_caller_identity.current: Read complete after 0s [id=624967411599]
module.iam.aws_iam_role.gitlab_oidc_pipeline[0]: Refreshing state... [id=platform-infra-pipeline-editorial]
module.iam.aws_iam_role_policy_attachment.gitlab_oidc_pipeline[0]: Refreshing state... [id=platform-infra-pipeline-editorial-20260511162918633600000001]

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  ~ update in-place
 <= read (data resources)

Terraform will perform the following actions:

  # module.iam.data.aws_iam_policy_document.gitlab_oidc_trust[0] will be read during apply
  # (depends on a resource or a module with changes pending)
 <= data "aws_iam_policy_document" "gitlab_oidc_trust" {
      + id            = (known after apply)
      + json          = (known after apply)
      + minified_json = (known after apply)

      + statement {
          + actions = [
              + "sts:AssumeRoleWithWebIdentity",
            ]
          + effect  = "Allow"

          + condition {
              + test     = "StringEquals"
              + values   = [
                  + "https://gitlab.com",
                ]
              + variable = "gitlab.com:aud"
            }
          + condition {
              + test     = "StringLike"
              + values   = [
                  + "project_path:wwnorton/ops/infrastructure:*",
                ]
              + variable = "gitlab.com:sub"
            }

          + principals {
              + identifiers = [
                  + "arn:aws:iam::624967411599:oidc-provider/gitlab.com",
                ]
              + type        = "Federated"
            }
        }
    }

  # module.iam.aws_iam_openid_connect_provider.gitlab[0] will be updated in-place
  ~ resource "aws_iam_openid_connect_provider" "gitlab" {
        id              = "arn:aws:iam::624967411599:oidc-provider/gitlab.com"
        tags            = {}
      ~ thumbprint_list = [
          - "d89e3bd43d5d909b47a18977aa9d5ce36cee184c",
        ]
        # (4 unchanged attributes hidden)
    }

  # module.iam.aws_iam_policy.gitlab_oidc_pipeline[0] will be updated in-place
  ~ resource "aws_iam_policy" "gitlab_oidc_pipeline" {
        id               = "arn:aws:iam::624967411599:policy/platform-infra-pipeline-editorial-policy"
        name             = "platform-infra-pipeline-editorial-policy"
      ~ policy           = jsonencode(
          ~ {
              ~ Statement = [
                    # (5 unchanged elements hidden)
                    {
                        Action   = [
                            "kms:*",
                        ]
                        Effect   = "Allow"
                        Resource = [
                            "*",
                        ]
                        Sid      = "kmsmanagement"
                    },
                  - {
                      - Action   = [
                          - "wafv2:*",
                        ]
                      - Effect   = "Allow"
                      - Resource = [
                          - "*",
                        ]
                      - Sid      = "wafv2management"
                    },
                ]
                # (1 unchanged attribute hidden)
            }
        )
        tags             = {}
        # (6 unchanged attributes hidden)
    }

  # module.iam.aws_iam_role.gitlab_oidc_pipeline[0] will be updated in-place
  ~ resource "aws_iam_role" "gitlab_oidc_pipeline" {
      ~ assume_role_policy    = jsonencode(
            {
              - Statement = [
                  - {
                      - Action    = "sts:AssumeRoleWithWebIdentity"
                      - Condition = {
                          - StringEquals = {
                              - "gitlab.com:aud" = "https://gitlab.com"
                            }
                          - StringLike   = {
                              - "gitlab.com:sub" = "project_path:wwnorton/ops/infrastructure:*"
                            }
                        }
                      - Effect    = "Allow"
                      - Principal = {
                          - Federated = "arn:aws:iam::624967411599:oidc-provider/gitlab.com"
                        }
                    },
                ]
              - Version   = "2012-10-17"
            }
        ) -> (known after apply)
        id                    = "platform-infra-pipeline-editorial"
        name                  = "platform-infra-pipeline-editorial"
        tags                  = {
            "Description" = "GitLab OIDC pipeline role for editorial"
            "Environment" = "editorial"
            "ManagedBy"   = "terraform"
            "Ticket"      = "PLAT-993"
        }
        # (8 unchanged attributes hidden)
    }

Plan: 0 to add, 3 to change, 0 to destroy.

─────────────────────────────────────────────────────────────────────────────

Note: You didn't use the -out option to save this plan, so Terraform can't
guarantee to take exactly these actions if you run "terraform apply" now.
mongodb/projects/PLAT-502
ERROR NO AUDIT
View plan output
Planning failed. Terraform encountered an error while generating this plan.


Error: EmptyStaticCreds: static credentials are empty

  with provider["registry.terraform.io/mongodb/mongodbatlas"],
  on providers.tf line 23, in provider "mongodbatlas":
  23: provider "mongodbatlas" {
mongodb/projects/catalog-search-lower
ERROR NO AUDIT
View plan output
Planning failed. Terraform encountered an error while generating this plan.


Error: EmptyStaticCreds: static credentials are empty

  with provider["registry.terraform.io/mongodb/mongodbatlas"],
  on providers.tf line 23, in provider "mongodbatlas":
  23: provider "mongodbatlas" {
mongodb/projects/catalog-search-prod
ERROR NO AUDIT
View plan output
Planning failed. Terraform encountered an error while generating this plan.


Error: EmptyStaticCreds: static credentials are empty

  with provider["registry.terraform.io/mongodb/mongodbatlas"],
  on providers.tf line 23, in provider "mongodbatlas":
  23: provider "mongodbatlas" {
mongodb/projects/myTestProject
ERROR NO AUDIT
View plan output
Planning failed. Terraform encountered an error while generating this plan.


Error: EmptyStaticCreds: static credentials are empty

  with provider["registry.terraform.io/mongodb/mongodbatlas"],
  on providers.tf line 23, in provider "mongodbatlas":
  23: provider "mongodbatlas" {
accounts/production/acm
CLEAN
accounts/production/config
CLEAN
accounts/production/elasticache
CLEAN
accounts/production/lambda
CLEAN
accounts/production/logs
CLEAN
accounts/production/s3/maintenance_page
CLEAN
accounts/production/s3_users_secrets
CLEAN
accounts/production/s3
CLEAN
accounts/production/secretsmanager
CLEAN
accounts/production/sftp
CLEAN
accounts/production/vpc
CLEAN
accounts/production/events
DRIFT UNKNOWN CAUSE
Change may be older than the 90-day CloudTrail window, or this is Terraform code that has not been applied yet
View plan output
data.aws_lambda_function.function_name: Reading...
module.events.aws_cloudwatch_event_rule.lambda_cron_every_day_at_5_am_utc: Refreshing state... [id=lambda-cron-every-day-at-5-am-utc]
data.aws_lambda_function.function_name: Read complete after 0s [id=security_exposed_key_ids_prod]
module.events.aws_cloudwatch_event_target.trigger_lambda_on_schedule: Refreshing state... [id=lambda-cron-every-day-at-5-am-utc-terraform-20240606134957731400000005]

Note: Objects have changed outside of Terraform

Terraform detected the following changes made outside of Terraform since the
last "terraform apply" which may have affected this plan:

  # module.events.aws_cloudwatch_event_rule.lambda_cron_every_day_at_5_am_utc has been deleted
  - resource "aws_cloudwatch_event_rule" "lambda_cron_every_day_at_5_am_utc" {
      - arn                 = "arn:aws:events:us-east-1:100478842646:rule/lambda-cron-every-day-at-5-am-utc" -> null
      - description         = "Run every day at 5am UTC" -> null
      - event_bus_name      = "default" -> null
      - force_destroy       = false -> null
      - id                  = "lambda-cron-every-day-at-5-am-utc" -> null
      - is_enabled          = true -> null
      - name                = "lambda-cron-every-day-at-5-am-utc" -> null
      - schedule_expression = "cron(0 5 * * ? *)" -> null
      - state               = "ENABLED" -> null
      - tags                = {} -> null
      - tags_all            = {} -> null
    }


Unless you have made equivalent changes to your configuration, or ignored the
relevant attributes using ignore_changes, the following plan may include
actions to undo or respond to these changes.

─────────────────────────────────────────────────────────────────────────────

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # module.events.aws_cloudwatch_event_rule.lambda_cron_every_day_at_5_am_utc will be created
  + resource "aws_cloudwatch_event_rule" "lambda_cron_every_day_at_5_am_utc" {
      + arn                 = (known after apply)
      + description         = "Run every day at 5am UTC"
      + event_bus_name      = "default"
      + force_destroy       = false
      + id                  = (known after apply)
      + name                = "lambda-cron-every-day-at-5-am-utc"
      + name_prefix         = (known after apply)
      + schedule_expression = "cron(0 5 * * ? *)"
      + tags_all            = (known after apply)
    }

  # module.events.aws_cloudwatch_event_target.trigger_lambda_on_schedule will be created
  + resource "aws_cloudwatch_event_target" "trigger_lambda_on_schedule" {
      + arn            = "arn:aws:lambda:us-east-1:100478842646:function:security_exposed_key_ids_prod"
      + event_bus_name = "default"
      + force_destroy  = false
      + id             = (known after apply)
      + rule           = "lambda-cron-every-day-at-5-am-utc"
      + target_id      = (known after apply)
    }

Plan: 2 to add, 0 to change, 0 to destroy.

─────────────────────────────────────────────────────────────────────────────

Note: You didn't use the -out option to save this plan, so Terraform can't
guarantee to take exactly these actions if you run "terraform apply" now.
accounts/production/iam
DRIFT NON-AWS
Not tracked by AWS CloudTrail
View plan output
module.iam.aws_iam_openid_connect_provider.gitlab[0]: Refreshing state... [id=arn:aws:iam::100478842646:oidc-provider/gitlab.com]
module.iam.aws_iam_user.s3_users[0]: Refreshing state... [id=s3_knewton]
module.iam.aws_iam_policy.s3_users_policy[0]: Refreshing state... [id=arn:aws:iam::100478842646:policy/s3_users_policy_knewton_prod]
module.iam.aws_iam_user.s3_users[1]: Refreshing state... [id=s3_r-console-data]
module.iam.aws_iam_policy.s3_users_policy[1]: Refreshing state... [id=arn:aws:iam::100478842646:policy/s3_users_policy_r-console-data_prod]
module.iam.aws_iam_policy.gitlab_oidc_pipeline[0]: Refreshing state... [id=arn:aws:iam::100478842646:policy/platform-infra-pipeline-prod-policy]
module.iam.aws_iam_policy.sftp_user_policy["r-console-data"]: Refreshing state... [id=arn:aws:iam::100478842646:policy/sftp_user_policy_r-console-data_prod]
module.iam.aws_iam_policy.cloudwatch_apm_synthetics_canary_policy[0]: Refreshing state... [id=arn:aws:iam::100478842646:policy/cloudwatch_apm_synthetics_canary_policy_prod]
module.iam.aws_iam_role.lambda_monitoring_vpn_routes_role[0]: Refreshing state... [id=lambda_monitoring_vpn_routes_role_prod]
module.iam.aws_iam_policy.lambda_monitoring_vpn_routes_policy[0]: Refreshing state... [id=arn:aws:iam::100478842646:policy/lambda_monitoring_vpn_routes_policy_prod]
module.iam.aws_iam_policy.lambda_security_exposed_key_ids_policy[0]: Refreshing state... [id=arn:aws:iam::100478842646:policy/lambda_security_exposed_key_ids_policy_prod]
module.iam.aws_iam_role.cloudwatch_apm_synthetics_canary[0]: Refreshing state... [id=cloudwatch_apm_synthetics_canary_role]
module.iam.data.aws_caller_identity.current: Reading...
module.iam.data.aws_caller_identity.current: Read complete after 0s [id=100478842646]
module.iam.aws_iam_role.vpc_client_vpn_endpoint_azure_clientvpn_role[0]: Refreshing state... [id=vpc_client_vpn_endpoint_azure_clientvpn_role_prod]
data.aws_secretsmanager_secret.gitlab_access_token_secret: Reading...
module.iam.aws_iam_user.temporary_users["francisco-carena"]: Refreshing state... [id=temp-francisco-carena]
module.iam.aws_iam_policy.gitlab_oidc_extra["cluster-manager"]: Refreshing state... [id=arn:aws:iam::100478842646:policy/cluster-manager-pipeline-prod-policy]
module.iam.aws_iam_role.lambda_security_exposed_key_ids_role[0]: Refreshing state... [id=lambda_security_exposed_key_ids_role_prod]
module.iam.aws_iam_user.temporary_users["christoph-genster"]: Refreshing state... [id=temp-christoph-genster]
module.iam.aws_iam_user.temporary_users["enrique-pennimpede"]: Refreshing state... [id=temp-enrique-pennimpede]
module.iam.aws_iam_role.sftp_user_role["r-console-data"]: Refreshing state... [id=sftp_user_role_r-console-data_prod]
module.iam.aws_iam_role.lambda_security_exposed_keywords_role[0]: Refreshing state... [id=lambda_security_exposed_keywords_role_prod]
data.aws_secretsmanager_secret.gitlab_access_token_secret: Read complete after 0s [id=arn:aws:secretsmanager:us-east-1:100478842646:secret:gitlab_access_token-5Pz3f6]
module.iam.aws_iam_policy.lambda_security_exposed_keywords_policy[0]: Refreshing state... [id=arn:aws:iam::100478842646:policy/lambda_security_exposed_keywords_policy_prod]
module.iam.aws_iam_access_key.s3_users[0]: Refreshing state... [id=AKIAROZIBO4LLB2Q2SI7]
module.iam.aws_iam_access_key.s3_users[1]: Refreshing state... [id=AKIAROZIBO4LC5M43BD4]
module.iam.aws_iam_user_policy_attachment.s3_users_policy_attachment[1]: Refreshing state... [id=s3_r-console-data-20240723221919950000000002]
module.iam.aws_iam_user_policy_attachment.s3_users_policy_attachment[0]: Refreshing state... [id=s3_knewton-20250606144325852200000001]
module.iam.aws_iam_role_policy_attachment.lambda_monitoring_vpn_routes_policy_attachment[0]: Refreshing state... [id=lambda_monitoring_vpn_routes_role_prod-20250328182930989200000001]
module.iam.aws_secretsmanager_secret.temporary_user_credentials["christoph-genster"]: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:100478842646:secret:temporary-user-christoph-genster-credentials-prod-Yz3Eae]
module.iam.aws_iam_role.gitlab_oidc_extra["cluster-manager"]: Refreshing state... [id=cluster-manager-pipeline-prod]
module.iam.aws_iam_user_login_profile.temporary_users_console["christoph-genster"]: Refreshing state... [id=temp-christoph-genster]
module.iam.aws_iam_access_key.temporary_users["francisco-carena"]: Refreshing state... [id=AKIAROZIBO4LDWIH3BGL]
module.iam.aws_iam_policy.temporary_expiration_policy["francisco-carena"]: Refreshing state... [id=arn:aws:iam::100478842646:policy/temporary/temporary-expiration-francisco-carena-prod]
module.iam.aws_iam_policy.temporary_expiration_policy["christoph-genster"]: Refreshing state... [id=arn:aws:iam::100478842646:policy/temporary/temporary-expiration-christoph-genster-prod]
module.iam.aws_iam_policy.temporary_expiration_policy["enrique-pennimpede"]: Refreshing state... [id=arn:aws:iam::100478842646:policy/temporary/temporary-expiration-enrique-pennimpede-prod]
module.iam.aws_secretsmanager_secret.temporary_user_credentials["francisco-carena"]: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:100478842646:secret:temporary-user-francisco-carena-credentials-prod-JaesV1]
module.iam.aws_secretsmanager_secret.temporary_user_credentials["enrique-pennimpede"]: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:100478842646:secret:temporary-user-enrique-pennimpede-credentials-prod-gmGWM7]
module.iam.aws_iam_user_login_profile.temporary_users_console["enrique-pennimpede"]: Refreshing state... [id=temp-enrique-pennimpede]
module.iam.aws_iam_user_login_profile.temporary_users_console["francisco-carena"]: Refreshing state... [id=temp-francisco-carena]
module.iam.aws_iam_access_key.temporary_users["christoph-genster"]: Refreshing state... [id=AKIAROZIBO4LCW4L7YEL]
module.iam.aws_iam_access_key.temporary_users["enrique-pennimpede"]: Refreshing state... [id=AKIAROZIBO4LED5J2YTI]
module.iam.aws_iam_policy.temporary_user_policy["christoph-genster"]: Refreshing state... [id=arn:aws:iam::100478842646:policy/temporary/temporary-user-christoph-genster-policy-prod]
module.iam.aws_iam_role_policy_attachment.vpc_client_vpn_endpoint_azure_clientvpn_policy_attachment[0]: Refreshing state... [id=vpc_client_vpn_endpoint_azure_clientvpn_role_prod-20250328184118196000000001]
module.iam.aws_iam_role.gitlab_oidc_pipeline[0]: Refreshing state... [id=platform-infra-pipeline-prod]
module.iam.aws_iam_policy.temporary_user_policy["enrique-pennimpede"]: Refreshing state... [id=arn:aws:iam::100478842646:policy/temporary/temporary-user-enrique-pennimpede-policy-prod]
module.iam.aws_iam_policy.temporary_user_policy["francisco-carena"]: Refreshing state... [id=arn:aws:iam::100478842646:policy/temporary/temporary-user-francisco-carena-policy-prod]
module.iam.data.aws_iam_policy_document.secrets_manager_policy[0]: Reading...
module.iam.aws_iam_role_policy_attachment.cloudwatch_apm_synthetics_canary_policy_attachment[0]: Refreshing state... [id=cloudwatch_apm_synthetics_canary_role-20251022184047251600000001]
module.iam.data.aws_iam_policy_document.secrets_manager_policy[0]: Read complete after 0s [id=1000248799]
module.iam.aws_iam_role_policy_attachment.canary_synthetics_full_access[0]: Refreshing state... [id=cloudwatch_apm_synthetics_canary_role-20251022184047269900000003]
module.iam.aws_iam_role_policy_attachment.canary_basic_execution[0]: Refreshing state... [id=cloudwatch_apm_synthetics_canary_role-20251022184047269000000002]
module.iam.aws_iam_role_policy_attachment.lambda_security_exposed_keywords_policy_attachment[0]: Refreshing state... [id=lambda_security_exposed_keywords_role_prod-20240808205405331200000002]
module.iam.aws_iam_role_policy_attachment.sftp_user_policy_attachment["r-console-data"]: Refreshing state... [id=sftp_user_role_r-console-data_prod-20240723183845504000000001]
module.iam.aws_iam_role_policy_attachment.lambda_security_exposed_key_ids_policy_attachment[0]: Refreshing state... [id=lambda_security_exposed_key_ids_role_prod-20240606134944067000000002]
module.iam.aws_iam_role_policy_attachment.gitlab_oidc_extra["cluster-manager"]: Refreshing state... [id=cluster-manager-pipeline-prod-20260603144312826800000001]
module.iam.aws_iam_user_policy_attachment.temporary_expiration_attachment["christoph-genster"]: Refreshing state... [id=temp-christoph-genster-2025060614432620840000000d]
module.iam.aws_iam_user_policy_attachment.temporary_expiration_attachment["francisco-carena"]: Refreshing state... [id=temp-francisco-carena-20250606144326121700000009]
module.iam.aws_secretsmanager_secret_version.temporary_user_credentials_version["enrique-pennimpede"]: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:100478842646:secret:temporary-user-enrique-pennimpede-credentials-prod-gmGWM7|terraform-2025060614432614620000000b]
module.iam.aws_iam_user_policy_attachment.temporary_expiration_attachment["enrique-pennimpede"]: Refreshing state... [id=temp-enrique-pennimpede-20250606144326120800000008]
module.iam.aws_secretsmanager_secret_version.temporary_user_credentials_version["christoph-genster"]: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:100478842646:secret:temporary-user-christoph-genster-credentials-prod-Yz3Eae|terraform-2025060614432614300000000a]
module.iam.aws_secretsmanager_secret_version.temporary_user_credentials_version["francisco-carena"]: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:100478842646:secret:temporary-user-francisco-carena-credentials-prod-JaesV1|terraform-2025060614432614980000000c]
module.iam.aws_iam_policy.lambda_secret_policy[0]: Refreshing state... [id=arn:aws:iam::100478842646:policy/lambda_secret_role_prod]
module.iam.aws_iam_user_policy_attachment.temporary_user_policy_attachment["francisco-carena"]: Refreshing state... [id=temp-francisco-carena-20250606144326057200000007]
module.iam.aws_iam_user_policy_attachment.temporary_user_policy_attachment["enrique-pennimpede"]: Refreshing state... [id=temp-enrique-pennimpede-20250606144326052700000005]
module.iam.aws_iam_user_policy_attachment.temporary_user_policy_attachment["christoph-genster"]: Refreshing state... [id=temp-christoph-genster-20250606144326054800000006]
module.iam.aws_iam_role_policy_attachment.gitlab_oidc_pipeline[0]: Refreshing state... [id=platform-infra-pipeline-prod-20260511151802893600000001]
module.iam.data.aws_iam_policy_document.mongodbatlas_assume_role_trust[0]: Reading...
module.iam.data.aws_iam_policy_document.mongodbatlas_assume_role_trust[0]: Read complete after 0s [id=257774811]
module.iam.aws_iam_role.mongodbatlas_assume_role[0]: Refreshing state... [id=mongodbatlas_assume_role_prod]
module.iam.aws_iam_role_policy_attachment.lambda_secret_policy_attachment[0]: Refreshing state... [id=lambda_security_exposed_key_ids_role_prod-20240606134944160800000003]
module.iam.aws_iam_role_policy_attachment.lambda_secret_policy_attachment_keywords[0]: Refreshing state... [id=lambda_security_exposed_keywords_role_prod-20240808205405282100000001]
module.iam.aws_iam_role_policy_attachment.mongodbatlas_assume_policy_attachment[0]: Refreshing state... [id=mongodbatlas_assume_role_prod-20251022184047279700000004]

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  ~ update in-place
 <= read (data resources)

Terraform will perform the following actions:

  # module.iam.data.aws_iam_policy_document.gitlab_oidc_extra_trust["cluster-manager"] will be read during apply
  # (depends on a resource or a module with changes pending)
 <= data "aws_iam_policy_document" "gitlab_oidc_extra_trust" {
      + id            = (known after apply)
      + json          = (known after apply)
      + minified_json = (known after apply)

      + statement {
          + actions = [
              + "sts:AssumeRoleWithWebIdentity",
            ]
          + effect  = "Allow"

          + condition {
              + test     = "StringEquals"
              + values   = [
                  + "https://gitlab.com",
                ]
              + variable = "gitlab.com:aud"
            }
          + condition {
              + test     = "StringLike"
              + values   = [
                  + "project_path:wwnorton/ops/cluster-manager:*",
                ]
              + variable = "gitlab.com:sub"
            }

          + principals {
              + identifiers = [
                  + "arn:aws:iam::100478842646:oidc-provider/gitlab.com",
                ]
              + type        = "Federated"
            }
        }
    }

  # module.iam.data.aws_iam_policy_document.gitlab_oidc_trust[0] will be read during apply
  # (depends on a resource or a module with changes pending)
 <= data "aws_iam_policy_document" "gitlab_oidc_trust" {
      + id            = (known after apply)
      + json          = (known after apply)
      + minified_json = (known after apply)

      + statement {
          + actions = [
              + "sts:AssumeRoleWithWebIdentity",
            ]
          + effect  = "Allow"

          + condition {
              + test     = "StringEquals"
              + values   = [
                  + "https://gitlab.com",
                ]
              + variable = "gitlab.com:aud"
            }
          + condition {
              + test     = "StringLike"
              + values   = [
                  + "project_path:wwnorton/ops/infrastructure:*",
                ]
              + variable = "gitlab.com:sub"
            }

          + principals {
              + identifiers = [
                  + "arn:aws:iam::100478842646:oidc-provider/gitlab.com",
                ]
              + type        = "Federated"
            }
        }
    }

  # module.iam.aws_iam_openid_connect_provider.gitlab[0] will be updated in-place
  ~ resource "aws_iam_openid_connect_provider" "gitlab" {
        id              = "arn:aws:iam::100478842646:oidc-provider/gitlab.com"
        tags            = {}
      ~ thumbprint_list = [
          - "d89e3bd43d5d909b47a18977aa9d5ce36cee184c",
        ]
        # (4 unchanged attributes hidden)
    }

  # module.iam.aws_iam_policy.temporary_expiration_policy["enrique-pennimpede"] will be updated in-place
  ~ resource "aws_iam_policy" "temporary_expiration_policy" {
        id               = "arn:aws:iam::100478842646:policy/temporary/temporary-expiration-enrique-pennimpede-prod"
        name             = "temporary-expiration-enrique-pennimpede-prod"
      ~ policy           = jsonencode(
          ~ {
              ~ Statement = [
                  ~ {
                      ~ Condition = {
                          ~ DateGreaterThan = {
                              ~ "aws:CurrentTime" = "2026-07-06T23:59:59Z" -> "2026-06-06T23:59:59Z"
                            }
                        }
                        # (4 unchanged attributes hidden)
                    },
                ]
                # (1 unchanged attribute hidden)
            }
        )
        tags             = {}
        # (6 unchanged attributes hidden)
    }

  # module.iam.aws_iam_role.gitlab_oidc_extra["cluster-manager"] will be updated in-place
  ~ resource "aws_iam_role" "gitlab_oidc_extra" {
      ~ assume_role_policy    = jsonencode(
            {
              - Statement = [
                  - {
                      - Action    = "sts:AssumeRoleWithWebIdentity"
                      - Condition = {
                          - StringEquals = {
                              - "gitlab.com:aud" = "https://gitlab.com"
                            }
                          - StringLike   = {
                              - "gitlab.com:sub" = "project_path:wwnorton/ops/cluster-manager:*"
                            }
                        }
                      - Effect    = "Allow"
                      - Principal = {
                          - Federated = "arn:aws:iam::100478842646:oidc-provider/gitlab.com"
                        }
                    },
                ]
              - Version   = "2012-10-17"
            }
        ) -> (known after apply)
        id                    = "cluster-manager-pipeline-prod"
        name                  = "cluster-manager-pipeline-prod"
        tags                  = {
            "Description" = "GitLab OIDC pipeline role for cluster-manager in prod"
            "Environment" = "prod"
            "ManagedBy"   = "terraform"
            "Ticket"      = "PLAT-1039"
        }
        # (8 unchanged attributes hidden)
    }

  # module.iam.aws_iam_role.gitlab_oidc_pipeline[0] will be updated in-place
  ~ resource "aws_iam_role" "gitlab_oidc_pipeline" {
      ~ assume_role_policy    = jsonencode(
            {
              - Statement = [
                  - {
                      - Action    = "sts:AssumeRoleWithWebIdentity"
                      - Condition = {
                          - StringEquals = {
                              - "gitlab.com:aud" = "https://gitlab.com"
                            }
                          - StringLike   = {
                              - "gitlab.com:sub" = "project_path:wwnorton/ops/infrastructure:*"
                            }
                        }
                      - Effect    = "Allow"
                      - Principal = {
                          - Federated = "arn:aws:iam::100478842646:oidc-provider/gitlab.com"
                        }
                    },
                ]
              - Version   = "2012-10-17"
            }
        ) -> (known after apply)
        id                    = "platform-infra-pipeline-prod"
        name                  = "platform-infra-pipeline-prod"
        tags                  = {
            "Description" = "GitLab OIDC pipeline role for prod"
            "Environment" = "prod"
            "ManagedBy"   = "terraform"
            "Ticket"      = "PLAT-993"
        }
        # (8 unchanged attributes hidden)
    }

Plan: 0 to add, 4 to change, 0 to destroy.

─────────────────────────────────────────────────────────────────────────────

Note: You didn't use the -out option to save this plan, so Terraform can't
guarantee to take exactly these actions if you run "terraform apply" now.
accounts/production/rds
DRIFT UNKNOWN CAUSE
Change may be older than the 90-day CloudTrail window, or this is Terraform code that has not been applied yet
View plan output
module.rds.data.aws_security_group.existing_security_groups_by_id["genai-0"]: Reading...
module.rds.data.aws_security_group.existing_security_groups_by_id["commerce-api-prod-db-0"]: Reading...
module.rds.data.aws_security_group.existing_security_groups_by_id["knewton-0"]: Reading...
module.rds.data.aws_security_group.existing_security_groups_by_id["hypothesis-prod-0"]: Reading...
module.rds.data.aws_security_group.existing_security_groups_by_id["sw5-prd-1"]: Reading...
module.rds.data.aws_security_group.existing_security_groups_by_id["sw5-prd-0"]: Reading...
module.rds.data.aws_secretsmanager_secret_version.db_passwords["genai"]: Reading...
module.rds.data.aws_security_group.existing_replica_security_groups_by_id["sw5-prd-1-2"]: Reading...
module.rds.data.aws_secretsmanager_secret_version.db_passwords["hypothesis-prod"]: Reading...
module.rds.data.aws_secretsmanager_secret_version.db_passwords["knewton"]: Reading...
module.rds.data.aws_secretsmanager_secret_version.db_passwords["genai"]: Read complete after 0s [id=production/labs/rds/genai|AWSCURRENT]
module.rds.data.aws_secretsmanager_secret_version.db_passwords["sw5-prd"]: Reading...
module.rds.data.aws_secretsmanager_secret_version.db_passwords["hypothesis-prod"]: Read complete after 0s [id=production/labs/rds/hypothesis-prod|AWSCURRENT]
module.rds.data.aws_security_group.existing_replica_security_groups_by_id["sw5-prd-1-0"]: Reading...
module.rds.data.aws_secretsmanager_secret_version.db_passwords["knewton"]: Read complete after 0s [id=rds!db-d07796eb-3595-4ad7-972c-a9e53384d44d|AWSCURRENT]
module.rds.data.aws_security_group.existing_replica_security_groups_by_id["sw5-prd-1-1"]: Reading...
module.rds.data.aws_secretsmanager_secret_version.db_passwords["sw5-prd"]: Read complete after 0s [id=production/labs/rds/sw5-prd|AWSCURRENT]
module.rds.data.aws_db_subnet_group.existing_replica_subnet_groups_by_name["sw5-prd-1"]: Reading...
module.rds.data.aws_security_group.existing_security_groups_by_id["sw5-prd-1"]: Read complete after 0s [id=sg-207a5751]
module.rds.data.aws_db_subnet_group.existing_subnet_groups_by_name["commerce-api-prod-db"]: Reading...
module.rds.data.aws_security_group.existing_security_groups_by_id["genai-0"]: Read complete after 1s [id=sg-0ec8114e41abf4063]
module.rds.data.aws_security_group.existing_security_groups_by_id["knewton-0"]: Read complete after 1s [id=sg-0ec8114e41abf4063]
module.rds.data.aws_security_group.existing_replica_security_groups_by_id["sw5-prd-1-1"]: Read complete after 1s [id=sg-207a5751]
module.rds.data.aws_db_subnet_group.existing_subnet_groups_by_name["genai"]: Reading...
module.rds.data.aws_security_group.existing_security_groups_by_id["hypothesis-prod-0"]: Read complete after 1s [id=sg-0ec8114e41abf4063]
module.rds.data.aws_db_subnet_group.existing_subnet_groups_by_name["knewton"]: Reading...
module.rds.data.aws_security_group.existing_security_groups_by_id["commerce-api-prod-db-0"]: Read complete after 1s [id=sg-0ec8114e41abf4063]
module.rds.data.aws_db_subnet_group.existing_subnet_groups_by_name["hypothesis-prod"]: Reading...
module.rds.data.aws_db_subnet_group.existing_subnet_groups_by_name["sw5-prd"]: Reading...
module.rds.data.aws_security_group.existing_replica_security_groups_by_id["sw5-prd-1-2"]: Read complete after 1s [id=sg-093de6c8c0a431471]
module.rds.data.aws_db_subnet_group.existing_replica_subnet_groups_by_name["sw5-prd-1"]: Read complete after 1s [id=default]
module.rds.data.aws_security_group.existing_security_groups_by_id["sw5-prd-0"]: Read complete after 1s [id=sg-682c1116]
module.rds.data.aws_security_group.existing_replica_security_groups_by_id["sw5-prd-1-0"]: Read complete after 1s [id=sg-682c1116]
module.rds.data.aws_db_subnet_group.existing_subnet_groups_by_name["sw5-prd"]: Read complete after 0s [id=default]
module.rds.data.aws_db_subnet_group.existing_subnet_groups_by_name["commerce-api-prod-db"]: Read complete after 1s [id=prod-group]
module.rds.data.aws_db_subnet_group.existing_subnet_groups_by_name["genai"]: Read complete after 0s [id=prod-group]
module.rds.data.aws_db_subnet_group.existing_subnet_groups_by_name["hypothesis-prod"]: Read complete after 0s [id=prod-group]
module.rds.data.aws_db_subnet_group.existing_subnet_groups_by_name["knewton"]: Read complete after 0s [id=prod-group]
module.rds.aws_db_instance.rds_instances_traditional_password["genai"]: Refreshing state... [id=db-2U6Q5G7LG7UTQTE5RTLUYLULRU]
module.rds.aws_db_instance.rds_instances_traditional_password["sw5-prd"]: Refreshing state... [id=db-JX63HZ2HTTWTCO4VEUINTZ4LBM]
module.rds.aws_db_instance.rds_instances_traditional_password["hypothesis-prod"]: Refreshing state... [id=db-HQY2V5EPBL432HF7WZ2NEFXN3I]
module.rds.aws_db_instance.rds_instances_managed_password["knewton"]: Refreshing state... [id=db-ZLWGDMMWWPNTN3GB7FHT3UUFTE]
module.rds.aws_db_instance.rds_read_replicas["sw5-prd-1"]: Refreshing state... [id=db-GJMHNVGZOUMVAZDPLU5QPC555Y]

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # module.rds.aws_db_instance.rds_instances_managed_password["commerce-api-prod-db"] will be created
  + resource "aws_db_instance" "rds_instances_managed_password" {
      + address                               = (known after apply)
      + allocated_storage                     = 200
      + apply_immediately                     = false
      + arn                                   = (known after apply)
      + auto_minor_version_upgrade            = false
      + availability_zone                     = (known after apply)
      + backup_retention_period               = 7
      + backup_target                         = (known after apply)
      + backup_window                         = "07:00-07:30"
      + ca_cert_identifier                    = (known after apply)
      + character_set_name                    = (known after apply)
      + copy_tags_to_snapshot                 = true
      + database_insights_mode                = (known after apply)
      + db_name                               = (known after apply)
      + db_subnet_group_name                  = "prod-group"
      + dedicated_log_volume                  = false
      + delete_automated_backups              = true
      + deletion_protection                   = true
      + domain_fqdn                           = (known after apply)
      + enabled_cloudwatch_logs_exports       = [
          + "postgresql",
        ]
      + endpoint                              = (known after apply)
      + engine                                = "postgres"
      + engine_lifecycle_support              = (known after apply)
      + engine_version                        = "17.10"
      + engine_version_actual                 = (known after apply)
      + hosted_zone_id                        = (known after apply)
      + id                                    = (known after apply)
      + identifier                            = "commerce-api-prod-db"
      + identifier_prefix                     = (known after apply)
      + instance_class                        = "db.m6g.large"
      + iops                                  = 3000
      + kms_key_id                            = "arn:aws:kms:us-east-1:100478842646:key/568d75c8-431c-46f3-9a94-b956050589d9"
      + latest_restorable_time                = (known after apply)
      + license_model                         = (known after apply)
      + listener_endpoint                     = (known after apply)
      + maintenance_window                    = "sun:09:00-sun:09:30"
      + manage_master_user_password           = true
      + master_user_secret                    = (known after apply)
      + master_user_secret_kms_key_id         = "arn:aws:kms:us-east-1:100478842646:key/568d75c8-431c-46f3-9a94-b956050589d9"
      + max_allocated_storage                 = 1000
      + monitoring_interval                   = 60
      + monitoring_role_arn                   = "arn:aws:iam::100478842646:role/rds-monitoring-role"
      + multi_az                              = true
      + nchar_character_set_name              = (known after apply)
      + network_type                          = (known after apply)
      + option_group_name                     = (known after apply)
      + parameter_group_name                  = (known after apply)
      + performance_insights_enabled          = true
      + performance_insights_kms_key_id       = (known after apply)
      + performance_insights_retention_period = 7
      + port                                  = (known after apply)
      + publicly_accessible                   = false
      + replica_mode                          = (known after apply)
      + replicas                              = (known after apply)
      + resource_id                           = (known after apply)
      + skip_final_snapshot                   = false
      + snapshot_identifier                   = (known after apply)
      + status                                = (known after apply)
      + storage_encrypted                     = true
      + storage_throughput                    = 125
      + storage_type                          = "gp3"
      + tags                                  = {
          + "BusinessUnit" = "engineering"
          + "CreatedBy"    = "terraform"
          + "Environment"  = "prod"
          + "Product"      = "website"
          + "Team"         = "ecommerce"
        }
      + tags_all                              = {
          + "BusinessUnit" = "engineering"
          + "CreatedBy"    = "terraform"
          + "Environment"  = "prod"
          + "Product"      = "website"
          + "Team"         = "ecommerce"
        }
      + timezone                              = (known after apply)
      + username                              = "postgres"
      + vpc_security_group_ids                = [
          + "sg-0ec8114e41abf4063",
        ]
    }

Plan: 1 to add, 0 to change, 0 to destroy.

Changes to Outputs:
  ~ database_instances = {
      + commerce-api-prod-db = {
          + apply_immediately                     = false
          + auto_minor_version_upgrade            = false
          + backup_retention_period               = 7
          + backup_window                         = "07:00-07:30"
          + copy_tags_to_snapshot                 = true
          + db_subnet_group_name                  = "prod-group"
          + deletion_protection                   = true
          + enabled_cloudwatch_logs_exports       = [
              + "postgresql",
            ]
          + engine                                = "postgres"
          + engine_version                        = "17.10"
          + identifier                            = "commerce-api-prod-db"
          + instance_class                        = "db.m6g.large"
          + instance_type                         = "main"
          + iops                                  = 3000
          + kms_key_id                            = "arn:aws:kms:us-east-1:100478842646:key/568d75c8-431c-46f3-9a94-b956050589d9"
          + maintenance_window                    = "sun:09:00-sun:09:30"
          + max_allocated_storage                 = 1000
          + monitoring_interval                   = 60
          + monitoring_role_arn                   = "arn:aws:iam::100478842646:role/rds-monitoring-role"
          + multi_az                              = true
          + password_management                   = "managed"
          + performance_insights_enabled          = true
          + performance_insights_retention_period = 7
          + storage_encrypted                     = true
          + storage_throughput                    = 125
          + storage_type                          = "gp3"
          + tags                                  = {
              + BusinessUnit = "engineering"
              + CreatedBy    = "terraform"
              + Environment  = "prod"
              + Product      = "website"
              + Team         = "ecommerce"
            }
          + username                              = "postgres"
          + vpc_security_group_ids                = [
              + "sg-0ec8114e41abf4063",
            ]
        }
        # (5 unchanged attributes hidden)
    }
  ~ security_groups    = {
      + commerce-api-prod-db-0 = {
          + description   = "default VPC security group"
          + id            = "sg-0ec8114e41abf4063"
          + name          = "default"
          + resource_type = "security_group"
          + source        = "existing_by_id"
          + tags          = {
              + Name = "Rancher-Prod"
            }
          + usage         = "main_database"
          + vpc_id        = "vpc-0e9a40e45f62a82ab"
        }
        # (8 unchanged attributes hidden)
    }
  ~ subnet_groups      = {
      + commerce-api-prod-db = {
          + description   = "Non TF Subnets"
          + id            = "prod-group"
          + name          = "prod-group"
          + resource_type = "subnet_group"
          + source        = "existing_by_name"
          + subnet_ids    = [
              + "subnet-032faa91a2e05c533",
              + "subnet-03ad98970e3eb7042",
              + "subnet-045bf91734774284c",
              + "subnet-089bcc7c3ea809ea4",
              + "subnet-0d177523b0c8fa5de",
              + "subnet-0f26ee6a7e2083ad1",
            ]
          + tags          = {}
          + usage         = "main_database"
        }
        # (5 unchanged attributes hidden)
    }

─────────────────────────────────────────────────────────────────────────────

Note: You didn't use the -out option to save this plan, so Terraform can't
guarantee to take exactly these actions if you run "terraform apply" now.
accounts/production/route53
DRIFT UNKNOWN CAUSE
Change may be older than the 90-day CloudTrail window, or this is Terraform code that has not been applied yet
View plan output
module.route53.aws_route53_zone.zones["couragetoactbook-com"]: Refreshing state... [id=Z0650687WYE5Z8AI3GSU]
module.route53.aws_route53_zone.zones["wwnorton-co-uk"]: Refreshing state... [id=Z09887783351W2NGZBJNB]
module.route53.aws_route53_zone.zones["wwnorton-com-private"]: Refreshing state... [id=Z003702539UZ3395GNT6Z]
module.route53.aws_route53_zone.zones["nortonworldlitsite-com"]: Refreshing state... [id=Z0880532UHO3YDN373HQ]
module.route53.aws_route53_zone.zones["nortonebooks-com"]: Refreshing state... [id=Z09325671QAZJ9GUQV3VL]
module.route53.aws_route53_zone.zones["wwnuat-com"]: Refreshing state... [id=Z057075684ZP1OM6HNOK]
module.route53.aws_route53_zone.zones["wwnorton-net"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI]
module.route53.aws_route53_zone.zones["naelarchive-com"]: Refreshing state... [id=Z03733253OQ5GWLSMY89J]
module.route53.aws_route53_zone.zones["michaellewiswrites-com"]: Refreshing state... [id=Z05873457ECOJQUAIKM]
module.route53.aws_route53_zone.zones["clairemessud-com"]: Refreshing state... [id=Z045133426GLLVNIFVNDD]
module.route53.aws_route53_zone.zones["benbernankebook-com"]: Refreshing state... [id=Z01095541LGCS0Q07OPF5]
module.route53.aws_route53_zone.zones["nortonreader-com"]: Refreshing state... [id=Z042346833VNVAJJUQ5AM]
module.route53.aws_route53_zone.zones["wwnorton-com-public"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ]
module.route53.aws_route53_record.alias_records["clairemessud-com-apex-A-default"]: Refreshing state... [id=Z045133426GLLVNIFVNDD_clairemessud.com_A]
module.route53.aws_route53_record.alias_records["michaellewiswrites-com-apex-A-default"]: Refreshing state... [id=Z05873457ECOJQUAIKM_michaellewiswrites.com_A]
module.route53.aws_route53_record.alias_records["benbernankebook-com-apex-A-default"]: Refreshing state... [id=Z01095541LGCS0Q07OPF5_benbernankebook.com_A]
module.route53.aws_route53_record.alias_records["nortonreader-com-apex-A-default"]: Refreshing state... [id=Z042346833VNVAJJUQ5AM_nortonreader.com_A]
module.route53.aws_route53_record.alias_records["wwnorton-com-private-web2-A-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_web2_A]
module.route53.aws_route53_record.alias_records["wwnorton-com-private-mjws-webserver-A-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_mjws-webserver_A]
module.route53.aws_route53_record.alias_records["couragetoactbook-com-apex-A-default"]: Refreshing state... [id=Z0650687WYE5Z8AI3GSU_couragetoactbook.com_A]
module.route53.aws_route53_record.alias_records["wwnorton-com-private-sw-dev-A-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_sw-dev_A]
module.route53.aws_route53_record.alias_records["wwnorton-com-private-apex-A-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_wwnorton.com_A]
module.route53.aws_route53_record.alias_records["nortonworldlitsite-com-apex-A-default"]: Refreshing state... [id=Z0880532UHO3YDN373HQ_nortonworldlitsite.com_A]
module.route53.aws_route53_record.alias_records["wwnorton-com-private-support-A-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_support_A]
module.route53.aws_route53_record.alias_records["wwnorton-com-public-apex-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_wwnorton.com_A]
module.route53.aws_route53_record.alias_records["wwnorton-com-private-rancher-A-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_rancher_A]
module.route53.aws_route53_record.records["wwnorton-com-public-dns-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_dns_A]
module.route53.aws_route53_record.alias_records["wwnorton-com-private-tf-newrancher-A-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_tf-newrancher_A]
module.route53.aws_route53_record.records["wwnorton-com-private-ilgstg-A-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_ilgstg_A]
module.route53.aws_route53_record.alias_records["naelarchive-com-apex-A-default"]: Refreshing state... [id=Z03733253OQ5GWLSMY89J_naelarchive.com_A]
module.route53.aws_route53_record.records["wwnorton-com-public-_afcb4im78t5dhdmvjo3g35hakemcbm7-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ__afcb4im78t5dhdmvjo3g35hakemcbm7_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-\\100-TXT-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_\100_TXT]
module.route53.aws_route53_record.records["wwnorton-com-private-appservices-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_appservices_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-naelarchive-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_naelarchive_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-dc-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_dc_A]
module.route53.aws_route53_record.records["wwnorton-com-private-nortonreader-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_nortonreader_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-fs3._domainkey-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_fs3._domainkey_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-pluto-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_pluto_A]
module.route53.aws_route53_record.records["wwnorton-com-public-inquizitive-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_inquizitive_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-_b124124e4a4ddd4bbf125d09236f571e-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ__b124124e4a4ddd4bbf125d09236f571e_CNAME]
module.route53.aws_route53_record.records["wwnorton-net-dlp.external-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_dlp.external_CNAME]
module.route53.aws_route53_record.records["nortonworldlitsite-com-_57bff8f226ed29a37b47a971b4b16323.www-CNAME-default"]: Refreshing state... [id=Z0880532UHO3YDN373HQ__57bff8f226ed29a37b47a971b4b16323.www_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-iig-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_iig_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-_f93e7154b2f9d964e28558ed7b143ebb-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z__f93e7154b2f9d964e28558ed7b143ebb_CNAME]
module.route53.aws_route53_record.records["wwnorton-net-_63fd2e6ff1c0562addd357a10ae7dd3d.dev-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI__63fd2e6ff1c0562addd357a10ae7dd3d.dev_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-fs._domainkey-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_fs._domainkey_CNAME]
module.route53.aws_route53_record.records["wwnorton-net-sw5.external-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_sw5.external_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-modelviewer-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_modelviewer_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-ftp2-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_ftp2_A]
module.route53.aws_route53_record.records["wwnorton-com-public-modelviewer-dev-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_modelviewer-dev_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-rediseks-a-A-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_rediseks-a_A]
module.route53.aws_route53_record.records["wwnorton-net-nrls-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_nrls_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-selector1._domainkey-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_selector1._domainkey_CNAME]
module.route53.aws_route53_record.records["nortonworldlitsite-com-_51cdc5dba321745584de9375e35b07e3-CNAME-default"]: Refreshing state... [id=Z0880532UHO3YDN373HQ__51cdc5dba321745584de9375e35b07e3_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-smartwork5-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_smartwork5_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-applications-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_applications_A]
module.route53.aws_route53_record.records["wwnorton-com-public-smartsheet-site-validation-TXT-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_smartsheet-site-validation_TXT]
module.route53.aws_route53_record.records["wwnorton-co-uk-apex-MX-default"]: Refreshing state... [id=Z09887783351W2NGZBJNB_wwnorton.co.uk_MX]
module.route53.aws_route53_record.records["wwnorton-com-public-catalog-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_catalog_CNAME]
module.route53.aws_route53_record.records["michaellewiswrites-com-_00fbceca5fb5d1ee1f2f3476f26042c0-CNAME-default"]: Refreshing state... [id=Z05873457ECOJQUAIKM__00fbceca5fb5d1ee1f2f3476f26042c0_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-knackcustom-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_knackcustom_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-media-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_media_CNAME]
module.route53.aws_route53_record.records["wwnorton-co-uk-apex-TXT-default"]: Refreshing state... [id=Z09887783351W2NGZBJNB_wwnorton.co.uk_TXT]
module.route53.aws_route53_record.records["wwnorton-com-public-ssadmin-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_ssadmin_A]
module.route53.aws_route53_record.records["wwnorton-net-\\052.ops-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_\052.ops_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-mango-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_mango_A]
module.route53.aws_route53_record.records["wwnorton-net-alb-staging-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_alb-staging_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-books-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_books_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-alb-iig-prod-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_alb-iig-prod_CNAME]
module.route53.aws_route53_record.records["wwnorton-co-uk-3ynaw2lxc5qsyc3do22lt2wc3kgkuw5s._domainkey.wwnorton.co.uk.wwnorton.co.uk-CNAME-default"]: Refreshing state... [id=Z09887783351W2NGZBJNB_3ynaw2lxc5qsyc3do22lt2wc3kgkuw5s._domainkey.wwnorton.co.uk.wwnorton.co.uk._CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-zaps2-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_zaps2_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-nltcourse-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_nltcourse_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-k8s-wrk-wwn-prod-use1b-A-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_k8s-wrk-wwn-prod-use1b_A]
module.route53.aws_route53_record.records["wwnorton-com-public-cm._domainkey-TXT-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_cm._domainkey_TXT]
module.route53.aws_route53_record.records["wwnorton-com-public-stg-util-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_stg-util_CNAME]
module.route53.aws_route53_record.records["michaellewiswrites-com-www-CNAME-default"]: Refreshing state... [id=Z05873457ECOJQUAIKM_www_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-cleversso-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_cleversso_A]
module.route53.aws_route53_record.records["wwnorton-com-private-k8s-ecw-wwn-prod-use1c-A-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_k8s-ecw-wwn-prod-use1c_A]
module.route53.aws_route53_record.records["wwnorton-com-private-rediseks-b-A-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_rediseks-b_A]
module.route53.aws_route53_record.records["wwnorton-com-public-mjws-webserver-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_mjws-webserver_CNAME]
module.route53.aws_route53_record.records["wwnorton-net-sw5-int-uat-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_sw5-int-uat_CNAME]
module.route53.aws_route53_record.records["wwnorton-net-sso-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_sso_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-379a120175fe-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_379a120175fe_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-vpnnyc-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_vpnnyc_A]
module.route53.aws_route53_record.records["wwnorton-net-apidocs-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_apidocs_CNAME]
module.route53.aws_route53_record.records["wwnuat-com-quickview-A-default"]: Refreshing state... [id=Z057075684ZP1OM6HNOK_quickview_A]
module.route53.aws_route53_record.records["wwnorton-com-private-pcr2-A-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_pcr2_A]
module.route53.aws_route53_record.records["wwnorton-net-alb-ext-svc-stg-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_alb-ext-svc-stg_CNAME]
module.route53.aws_route53_record.records["wwnorton-net-drift.ops-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_drift.ops_CNAME]
module.route53.aws_route53_record.records["benbernankebook-com-_2bdc782301d0f0ec47dc6bf000f734ee-CNAME-default"]: Refreshing state... [id=Z01095541LGCS0Q07OPF5__2bdc782301d0f0ec47dc6bf000f734ee_CNAME]
module.route53.aws_route53_record.records["wwnorton-net-_dnsauth-TXT-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI__dnsauth_TXT]
module.route53.aws_route53_record.records["wwnorton-com-public-s2._domainkey-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_s2._domainkey_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-nortonreader-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_nortonreader_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-maintenancetest-A-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_maintenancetest_A]
module.route53.aws_route53_record.records["wwnorton-com-private-catalog-search.prod-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_catalog-search.prod_CNAME]
module.route53.aws_route53_record.records["wwnorton-net-ams.staging-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_ams.staging_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-player-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_player_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-ftpnrl-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_ftpnrl_A]
module.route53.aws_route53_record.records["clairemessud-com-www-CNAME-default"]: Refreshing state... [id=Z045133426GLLVNIFVNDD_www_CNAME]
module.route53.aws_route53_record.records["wwnorton-net-external-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_external_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-apex-MX-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_wwnorton.com_MX]
module.route53.aws_route53_record.records["wwnorton-com-public-nz-k2._domainkey-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_nz-k2._domainkey_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-rconsole-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_rconsole_CNAME]
module.route53.aws_route53_record.records["nortonebooks-com-_48d04a8836712151b4426684dc8d9a5a.www-CNAME-default"]: Refreshing state... [id=Z09325671QAZJ9GUQV3VL__48d04a8836712151b4426684dc8d9a5a.www_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-adobe-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_adobe_A]
module.route53.aws_route53_record.records["wwnorton-net-dlp-int-uat-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_dlp-int-uat_CNAME]
module.route53.aws_route53_record.records["wwnorton-net-externalservices.staging-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_externalservices.staging_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-digitalproduct-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_digitalproduct_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-logs-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_logs_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-seagull-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_seagull_CNAME]
module.route53.aws_route53_record.records["wwnorton-net-email-TXT-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_email_TXT]
module.route53.aws_route53_record.records["wwnorton-com-public-dam-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_dam_A]
module.route53.aws_route53_record.records["wwnorton-com-public-ncia-authoring-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_ncia-authoring_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-books.dr-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_books.dr_A]
module.route53.aws_route53_record.records["wwnorton-com-private-nrl-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_nrl_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-nsw-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_nsw_A]
module.route53.aws_route53_record.records["wwnorton-com-public-ams-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_ams_CNAME]
module.route53.aws_route53_record.records["wwnorton-net-_deef012b8f6d36e30545c08739a40c9e.qa-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI__deef012b8f6d36e30545c08739a40c9e.qa_CNAME]
module.route53.aws_route53_record.records["wwnorton-net-ftpweb-dev-A-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_ftpweb-dev_A]
module.route53.aws_route53_record.records["wwnorton-com-private-stg-services-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_stg-services_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-util-old-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_util-old_CNAME]
module.route53.aws_route53_record.records["wwnorton-net-alb-ext-svc-dev-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_alb-ext-svc-dev_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-g32f66k3a3ypfactuaazlbbq7uesrgxc._domainkey-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_g32f66k3a3ypfactuaazlbbq7uesrgxc._domainkey_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-sw5-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_sw5_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-_amazonses-TXT-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ__amazonses_TXT]
module.route53.aws_route53_record.records["wwnorton-com-public-_dmarc-TXT-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ__dmarc_TXT]
module.route53.aws_route53_record.records["wwnorton-com-public-docarchive-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_docarchive_A]
module.route53.aws_route53_record.records["wwnorton-com-public-nlt-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_nlt_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-mdl-a-A-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_mdl-a_A]
module.route53.aws_route53_record.records["wwnorton-com-public-phone-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_phone_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-pine-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_pine_A]
module.route53.aws_route53_record.records["wwnorton-com-public-benbernanke-test-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_benbernanke-test_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-smartwork-prod7-MX-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_smartwork-prod7_MX]
module.route53.aws_route53_record.records["wwnorton-com-public-ale-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_ale_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-extract-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_extract_A]
module.route53.aws_route53_record.records["wwnorton-com-private-k8s-wrk-wwn-prod-use1c-A-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_k8s-wrk-wwn-prod-use1c_A]
module.route53.aws_route53_record.records["wwnorton-com-public-epub-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_epub_CNAME]
module.route53.aws_route53_record.records["naelarchive-com-_8a42d530a0ac833d43e406fca597c161.www-CNAME-default"]: Refreshing state... [id=Z03733253OQ5GWLSMY89J__8a42d530a0ac833d43e406fca597c161.www_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-npp.prod-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_npp.prod_CNAME]
module.route53.aws_route53_record.records["wwnorton-net-pev636be3ggil4grd3t2rwezng56iivz._domainkey-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_pev636be3ggil4grd3t2rwezng56iivz._domainkey_CNAME]
module.route53.aws_route53_record.records["wwnorton-net-3b7871cc6e69-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_3b7871cc6e69_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-iq-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_iq_A]
module.route53.aws_route53_record.records["wwnorton-com-public-noreply-MX-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_noreply_MX]
module.route53.aws_route53_record.records["wwnorton-com-public-glossary-service-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_glossary-service_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-\\052.prod-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_\052.prod_CNAME]
module.route53.aws_route53_record.records["wwnorton-net-_acme-challenge.workspaces-TXT-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI__acme-challenge.workspaces_TXT]
module.route53.aws_route53_record.records["wwnorton-com-public-ilg-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_ilg_CNAME]
module.route53.aws_route53_record.records["wwnorton-net-email-MX-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_email_MX]
module.route53.aws_route53_record.records["wwnorton-com-public-alb-internal-prod-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_alb-internal-prod_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-internalservices.prod-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_internalservices.prod_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-testmaker-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_testmaker_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-sak-a-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_sak-a_A]
module.route53.aws_route53_record.records["wwnorton-com-private-\\052.prod-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_\052.prod_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-_domainkey-TXT-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ__domainkey_TXT]
module.route53.aws_route53_record.records["wwnorton-net-apex-MX-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_wwnorton.net_MX]
module.route53.aws_route53_record.records["wwnorton-com-public-nerd-eksprod-es.prod-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_nerd-eksprod-es.prod_CNAME]
module.route53.aws_route53_record.records["wwnorton-net-nrl-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_nrl_CNAME]
module.route53.aws_route53_record.records["wwnorton-net-\\052.workspaces-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_\052.workspaces_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-nlt-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_nlt_CNAME]
module.route53.aws_route53_record.records["wwnorton-net-interactives-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_interactives_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-mdl-b-A-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_mdl-b_A]
module.route53.aws_route53_record.records["wwnorton-net-db1-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_db1_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-mdl-a-test-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_mdl-a-test_CNAME]
module.route53.aws_route53_record.records["nortonebooks-com-_ee70c403be0a2c98013c7cb7e8e74649-CNAME-default"]: Refreshing state... [id=Z09325671QAZJ9GUQV3VL__ee70c403be0a2c98013c7cb7e8e74649_CNAME]
module.route53.aws_route53_record.records["wwnorton-net-_95ee87efe3966fd50377200e482a1f36.workspaces-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI__95ee87efe3966fd50377200e482a1f36.workspaces_CNAME]
module.route53.aws_route53_record.records["wwnorton-co-uk-77zlssqrdyrpechst26ciyomjpdehamf._domainkey.wwnorton.co.uk.wwnorton.co.uk-CNAME-default"]: Refreshing state... [id=Z09887783351W2NGZBJNB_77zlssqrdyrpechst26ciyomjpdehamf._domainkey.wwnorton.co.uk.wwnorton.co.uk._CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-thames-TXT-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_thames_TXT]
module.route53.aws_route53_record.records["wwnorton-com-private-ilg-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_ilg_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-swadmin-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_swadmin_A]
module.route53.aws_route53_record.records["wwnorton-com-private-k8s-ecw-wwn-prod-use1b-A-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_k8s-ecw-wwn-prod-use1b_A]
module.route53.aws_route53_record.records["wwnorton-com-private-cdn-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_cdn_CNAME]
module.route53.aws_route53_record.records["wwnorton-net-_f1dd7aa7438cf1b2613a92a6fb2dd8f3.review-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI__f1dd7aa7438cf1b2613a92a6fb2dd8f3.review_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-k8s-ecw-wwn-prod-use1a-A-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_k8s-ecw-wwn-prod-use1a_A]
module.route53.aws_route53_record.records["wwnorton-co-uk-apex-A-default"]: Refreshing state... [id=Z09887783351W2NGZBJNB_wwnorton.co.uk_A]
module.route53.aws_route53_record.records["wwnorton-com-public-opt-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_opt_A]
module.route53.aws_route53_record.records["wwnorton-net-dltcourse.external-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_dltcourse.external_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-k2._domainkey-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_k2._domainkey_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-k3._domainkey.thames-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_k3._domainkey.thames_CNAME]
module.route53.aws_route53_record.records["wwnorton-net-alb-qa-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_alb-qa_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-www-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_www_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-cdn2-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_cdn2_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-login-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_login_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-smartwork-prod7-TXT-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_smartwork-prod7_TXT]
module.route53.aws_route53_record.records["couragetoactbook-com-www-CNAME-default"]: Refreshing state... [id=Z0650687WYE5Z8AI3GSU_www_CNAME]
module.route53.aws_route53_record.records["naelarchive-com-_22da8626500e6ff9456ec1d5c4c5fbec-CNAME-default"]: Refreshing state... [id=Z03733253OQ5GWLSMY89J__22da8626500e6ff9456ec1d5c4c5fbec_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-nerd-eksprod-es.prod-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_nerd-eksprod-es.prod_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-wwn-prod-es-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_wwn-prod-es_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-_gitlab-pages-verification-code.plat-57-TXT-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ__gitlab-pages-verification-code.plat-57_TXT]
module.route53.aws_route53_record.records["wwnorton-com-public-jupiter-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_jupiter_A]
module.route53.aws_route53_record.records["couragetoactbook-com-_7664a6e57b0b19fa8aca01dae3c0104b-CNAME-default"]: Refreshing state... [id=Z0650687WYE5Z8AI3GSU__7664a6e57b0b19fa8aca01dae3c0104b_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-mail2-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_mail2_A]
module.route53.aws_route53_record.records["wwnorton-com-private-hypothesis-k8s-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_hypothesis-k8s_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-auth-A-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_auth_A]
module.route53.aws_route53_record.records["wwnorton-com-public-zaps2-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_zaps2_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-static-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_static_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-ftp-A-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_ftp_A]
module.route53.aws_route53_record.records["wwnorton-com-public-scvsqlprd01-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_scvsqlprd01_A]
module.route53.aws_route53_record.records["wwnorton-com-private-ncia-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_ncia_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-helpdesk-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_helpdesk_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-npp-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_npp_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-samlsso-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_samlsso_A]
module.route53.aws_route53_record.records["wwnorton-co-uk-_amazonses-TXT-default"]: Refreshing state... [id=Z09887783351W2NGZBJNB__amazonses_TXT]
module.route53.aws_route53_record.records["wwnorton-com-private-apisvc-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_apisvc_CNAME]
module.route53.aws_route53_record.records["nortonreader-com-_29997acbbbd9fc082d095bb37b891a63-CNAME-default"]: Refreshing state... [id=Z042346833VNVAJJUQ5AM__29997acbbbd9fc082d095bb37b891a63_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-npp.prod-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_npp.prod_CNAME]
module.route53.aws_route53_record.records["wwnorton-net-_4106bedafa1aa2003ee20c548be3c2ae-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI__4106bedafa1aa2003ee20c548be3c2ae_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-200608._domainkey-TXT-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_200608._domainkey_TXT]
module.route53.aws_route53_record.records["wwnorton-com-public-nortonworldlitsite-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_nortonworldlitsite_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-noreply-TXT-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_noreply_TXT]
module.route53.aws_route53_record.records["wwnorton-com-private-k8s-wrk-wwn-prod-use1a-A-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_k8s-wrk-wwn-prod-use1a_A]
module.route53.aws_route53_record.records["wwnorton-com-private-maintenance-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_maintenance_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-wwnblankapp-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_wwnblankapp_A]
module.route53.aws_route53_record.records["wwnorton-net-dlt-int-uat-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_dlt-int-uat_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-ncia-pcat-prd-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_ncia-pcat-prd_CNAME]
module.route53.aws_route53_record.records["nortonworldlitsite-com-www-CNAME-default"]: Refreshing state... [id=Z0880532UHO3YDN373HQ_www_CNAME]
module.route53.aws_route53_record.records["benbernankebook-com-www-CNAME-default"]: Refreshing state... [id=Z01095541LGCS0Q07OPF5_www_CNAME]
module.route53.aws_route53_record.records["nortonebooks-com-www-CNAME-default"]: Refreshing state... [id=Z09325671QAZJ9GUQV3VL_www_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-maintenance-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_maintenance_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-hypothesis-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_hypothesis_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-nrl-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_nrl_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-plat-57-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_plat-57_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-sftpweb-lausd-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_sftpweb-lausd_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-efs-prod-A-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_efs-prod_A]
module.route53.aws_route53_record.records["wwnorton-com-public-k3._domainkey-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_k3._domainkey_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-cdnaudit-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_cdnaudit_A]
module.route53.aws_route53_record.records["wwnorton-com-public-odtest-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_odtest_A]
module.route53.aws_route53_record.records["wwnorton-co-uk-www-A-default"]: Refreshing state... [id=Z09887783351W2NGZBJNB_www_A]
module.route53.aws_route53_record.records["wwnorton-com-public-doglunch-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_doglunch_A]
module.route53.aws_route53_record.records["wwnorton-com-public-sso-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_sso_A]
module.route53.aws_route53_record.records["wwnorton-net-alb-dev-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_alb-dev_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-nerd-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_nerd_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-hypothesis-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_hypothesis_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-thames-MX-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_thames_MX]
module.route53.aws_route53_record.records["wwnorton-com-public-portal-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_portal_A]
module.route53.aws_route53_record.records["wwnorton-com-public-mercury-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_mercury_A]
module.route53.aws_route53_record.records["wwnorton-com-private-inquizitive-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_inquizitive_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-mdl-b-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_mdl-b_A]
module.route53.aws_route53_record.records["wwnorton-com-public-_23225e3085f36bba457c46a86bdc7ba3.digitalproduct-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ__23225e3085f36bba457c46a86bdc7ba3.digitalproduct_CNAME]
module.route53.aws_route53_record.records["wwnorton-net-\\052.external-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_\052.external_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-4vbfltjkkzef746xevcikhjiffth6ha3._domainkey-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_4vbfltjkkzef746xevcikhjiffth6ha3._domainkey_CNAME]
module.route53.aws_route53_record.records["wwnorton-net-_e42cd4c2d01f123a8d8a6b2ebdb4b144.ops-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI__e42cd4c2d01f123a8d8a6b2ebdb4b144.ops_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-sw5-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_sw5_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-nltcourse-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_nltcourse_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-appservices-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_appservices_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-db-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_db_A]
module.route53.aws_route53_record.records["wwnorton-com-private-pine-A-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_pine_A]
module.route53.aws_route53_record.records["wwnorton-net-_amazonses-TXT-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI__amazonses_TXT]
module.route53.aws_route53_record.records["wwnorton-com-public-trip-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_trip_A]
module.route53.aws_route53_record.records["wwnorton-com-public-knowledgebase-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_knowledgebase_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-hypothesis-k8s-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_hypothesis-k8s_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-quickview.dr-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_quickview.dr_A]
module.route53.aws_route53_record.records["wwnorton-net-login-int-uat-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_login-int-uat_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-dashboard-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_dashboard_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-alb-external-prod-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_alb-external-prod_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-hades-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_hades_A]
module.route53.aws_route53_record.records["wwnorton-com-public-ektdev-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_ektdev_A]
module.route53.aws_route53_record.records["wwnorton-com-private-wwn-eksprod-es-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_wwn-eksprod-es_CNAME]
module.route53.aws_route53_record.records["wwnorton-net-_gitlab-pages-verification-code.apidocs-TXT-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI__gitlab-pages-verification-code.apidocs_TXT]
module.route53.aws_route53_record.records["wwnorton-com-private-nortonworldlitsite-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_nortonworldlitsite_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-catalog-search-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_catalog-search_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-iig-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_iig_CNAME]
module.route53.aws_route53_record.records["wwnorton-net-workspaces-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_workspaces_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-hypothesis-new-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_hypothesis-new_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-7gz6r2qihyo5lz22ic2swub56gwgu3i5._domainkey-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_7gz6r2qihyo5lz22ic2swub56gwgu3i5._domainkey_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-testmaker-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_testmaker_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-services-old-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_services-old_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-fsdkim-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_fsdkim_CNAME]
module.route53.aws_route53_record.records["wwnorton-net-alb-ext-svc-qa-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_alb-ext-svc-qa_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-_666da401d0a30d6879e881de03229e45.prod-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ__666da401d0a30d6879e881de03229e45.prod_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-key1._domainkey-TXT-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_key1._domainkey_TXT]
module.route53.aws_route53_record.records["wwnorton-com-public-warder1923._domainkey-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_warder1923._domainkey_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-redis-c-A-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_redis-c_A]
module.route53.aws_route53_record.records["wwnorton-com-public-k2._domainkey.thames-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_k2._domainkey.thames_CNAME]
module.route53.aws_route53_record.records["wwnorton-net-external-dlp-app.staging-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_external-dlp-app.staging_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-fs2._domainkey-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_fs2._domainkey_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-docarchive-A-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_docarchive_A]
module.route53.aws_route53_record.records["wwnorton-com-private-redis-b-A-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_redis-b_A]
module.route53.aws_route53_record.records["wwnorton-com-public-s1._domainkey-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_s1._domainkey_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-nrls-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_nrls_CNAME]
module.route53.aws_route53_record.records["wwnuat-com-apex-TXT-default"]: Refreshing state... [id=Z057075684ZP1OM6HNOK_wwnuat.com_TXT]
module.route53.aws_route53_record.records["wwnorton-com-public-ncia-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_ncia_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-nz-k1._domainkey-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_nz-k1._domainkey_CNAME]
module.route53.aws_route53_record.records["wwnorton-net-portal-A-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_portal_A]
module.route53.aws_route53_record.records["wwnorton-com-public-knewton-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_knewton_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-trap-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_trap_A]
module.route53.aws_route53_record.records["wwnorton-net-wx3zujztlomn7kx22j5pvkkxpjnqjjzf._domainkey-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_wx3zujztlomn7kx22j5pvkkxpjnqjjzf._domainkey_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-banyan-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_banyan_A]
module.route53.aws_route53_record.records["naelarchive-com-www-CNAME-default"]: Refreshing state... [id=Z03733253OQ5GWLSMY89J_www_CNAME]
module.route53.aws_route53_record.records["wwnorton-net-_ba4e2b37e2bc0406e8aef7c5340f9f87-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI__ba4e2b37e2bc0406e8aef7c5340f9f87_CNAME]
module.route53.aws_route53_record.records["nortonreader-com-_7633d90bd4484739216e7181ac7b0da8.www-CNAME-default"]: Refreshing state... [id=Z042346833VNVAJJUQ5AM__7633d90bd4484739216e7181ac7b0da8.www_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-status-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_status_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-login-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_login_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-apisvc-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_apisvc_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-catalog-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_catalog_CNAME]
module.route53.aws_route53_record.records["wwnorton-co-uk-thmmvlnsnzthnjpxrhhdsansvxdoldzf._domainkey.wwnorton.co.uk.wwnorton.co.uk-CNAME-default"]: Refreshing state... [id=Z09887783351W2NGZBJNB_thmmvlnsnzthnjpxrhhdsansvxdoldzf._domainkey.wwnorton.co.uk.wwnorton.co.uk._CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-gedu.demo-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_gedu.demo_A]
module.route53.aws_route53_record.records["clairemessud-com-_64341c9d712e1eeb270d1f9ff8f2f626-CNAME-default"]: Refreshing state... [id=Z045133426GLLVNIFVNDD__64341c9d712e1eeb270d1f9ff8f2f626_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-modelviewer-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_modelviewer_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-player-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_player_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-nrltool-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_nrltool_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-oldhd-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_oldhd_A]
module.route53.aws_route53_record.records["wwnorton-com-private-alb-internal-prod-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_alb-internal-prod_CNAME]
module.route53.aws_route53_record.records["wwnorton-net-externalservices.qa-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_externalservices.qa_CNAME]
module.route53.aws_route53_record.records["wwnorton-net-external-dlp-app.qa-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_external-dlp-app.qa_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-ams-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_ams_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-selector2._domainkey-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_selector2._domainkey_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-iqservices-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_iqservices_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-books-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_books_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-web-A-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_web_A]
module.route53.aws_route53_record.records["wwnorton-com-private-rancher-prod-A-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_rancher-prod_A]
module.route53.aws_route53_record.records["wwnorton-com-private-alb-external-prod-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_alb-external-prod_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-redis-a-A-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_redis-a_A]
module.route53.aws_route53_record.records["wwnuat-com-portal-A-default"]: Refreshing state... [id=Z057075684ZP1OM6HNOK_portal_A]
module.route53.aws_route53_record.records["wwnorton-com-public-wwn-eksprod-es-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_wwn-eksprod-es_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-util-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_util_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-knewton-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_knewton_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-nz-k3._domainkey-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_nz-k3._domainkey_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-services-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_services_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-ftp-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_ftp_A]
module.route53.aws_route53_record.records["wwnorton-com-public-ecology-interactives-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_ecology-interactives_CNAME]
module.route53.aws_route53_record.records["wwnorton-net-wwnorton-external.staging-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_wwnorton-external.staging_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-_atproto-TXT-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ__atproto_TXT]
module.route53.aws_route53_record.records["wwnorton-com-public-alb-iig-prod-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_alb-iig-prod_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-student-web-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_student-web_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-nerd-fork-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_nerd-fork_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-flashcards-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_flashcards_CNAME]
module.route53.aws_route53_record.records["wwnorton-net-sentry.ops-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_sentry.ops_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-fd2414cd152e.nlt-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_fd2414cd152e.nlt_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-banyan-A-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_banyan_A]
module.route53.aws_route53_record.records["wwnorton-com-private-ncia-authoring-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_ncia-authoring_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-autodiscover-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_autodiscover_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-mailrelay-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_mailrelay_A]
module.route53.aws_route53_record.records["wwnorton-com-public-cdn-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_cdn_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-internalservices-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_internalservices_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-_f93e7154b2f9d964e28558ed7b143ebb-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ__f93e7154b2f9d964e28558ed7b143ebb_CNAME]
module.route53.aws_route53_record.records["wwnorton-net-alb-ops-dev-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_alb-ops-dev_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-prometheus.prod-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_prometheus.prod_CNAME]
module.route53.aws_route53_record.records["wwnorton-net-login.external-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_login.external_CNAME]
module.route53.aws_route53_record.records["nortonreader-com-www-CNAME-default"]: Refreshing state... [id=Z042346833VNVAJJUQ5AM_www_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-naelarchive-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_naelarchive_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-seagull500._domainkey-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_seagull500._domainkey_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-nrls-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_nrls_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-www-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_www_CNAME]
module.route53.aws_route53_record.records["wwnorton-net-_f320ef2d4906241f681628ebb0b9b1fe.staging-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI__f320ef2d4906241f681628ebb0b9b1fe.staging_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-odata-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_odata_A]
module.route53.aws_route53_record.records["wwnorton-com-public-aster-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_aster_A]
module.route53.aws_route53_record.records["wwnorton-net-ssoapi-A-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_ssoapi_A]
module.route53.aws_route53_record.records["wwnorton-com-public-em3408-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_em3408_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-wwn-prod-es-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_wwn-prod-es_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-support2-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_support2_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-digital-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_digital_CNAME]
module.route53.aws_route53_record.records["wwnorton-net-apex-TXT-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_wwnorton.net_TXT]
module.route53.aws_route53_record.records["wwnorton-com-private-internalservices.prod-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_internalservices.prod_CNAME]
module.route53.aws_route53_record.records["wwnorton-co-uk-_dnsauth-TXT-default"]: Refreshing state... [id=Z09887783351W2NGZBJNB__dnsauth_TXT]
module.route53.aws_route53_record.records["wwnorton-com-public-mail-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_mail_A]
module.route53.aws_route53_record.records["wwnorton-net-drone.external-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_drone.external_CNAME]
module.route53.aws_route53_record.records["wwnuat-com-_dnsauth-TXT-default"]: Refreshing state... [id=Z057075684ZP1OM6HNOK__dnsauth_TXT]
module.route53.aws_route53_record.records["wwnorton-net-3w44hnfo2byx7buog7kdnt3sv375d3qe._domainkey-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_3w44hnfo2byx7buog7kdnt3sv375d3qe._domainkey_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-benbernanke-test-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_benbernanke-test_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-apex-TXT-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_wwnorton.com_TXT]
module.route53.aws_route53_record.records["wwnorton-com-private-util-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_util_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-vpnnbc-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_vpnnbc_A]
module.route53.aws_route53_record.records["wwnorton-com-public-support-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_support_CNAME]
module.route53.aws_route53_record.records["wwnorton-net-dlt.external-CNAME-default"]: Refreshing state... [id=Z03105663PYXBDOJKDXDI_dlt.external_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-bounced-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_bounced_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-nerd-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_nerd_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-hypothesis-test-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_hypothesis-test_CNAME]
module.route53.aws_route53_record.records["wwnuat-com-dcv-CNAME-default"]: Refreshing state... [id=Z057075684ZP1OM6HNOK_dcv_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-alb-wwn-external-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_alb-wwn-external_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-services-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_services_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-editorial-a-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_editorial-a_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-iqservices-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_iqservices_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-alb-wwn-external-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_alb-wwn-external_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-nrladmin-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_nrladmin_A]
module.route53.aws_route53_record.records["wwnorton-com-public-qvalt-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_qvalt_A]
module.route53.aws_route53_record.records["wwnorton-com-public-helpdesk-CNAME-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_helpdesk_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-rediseks-c-A-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_rediseks-c_A]
module.route53.aws_route53_record.records["wwnorton-com-private-digital-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_digital_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-stgilg-A-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_stgilg_A]
module.route53.aws_route53_record.records["wwnorton-com-public-quickview-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_quickview_A]
module.route53.aws_route53_record.records["wwnorton-com-private-sso-A-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_sso_A]
module.route53.aws_route53_record.records["wwnorton-com-private-ale-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_ale_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-private-epub-CNAME-default"]: Refreshing state... [id=Z003702539UZ3395GNT6Z_epub_CNAME]
module.route53.aws_route53_record.records["wwnorton-com-public-lms2-A-default"]: Refreshing state... [id=Z03263511EYH0OOGU55FJ_lms2_A]

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  ~ update in-place

Terraform will perform the following actions:

  # module.route53.aws_route53_record.records["wwnorton-com-public-apex-TXT-default"] will be updated in-place
  ~ resource "aws_route53_record" "records" {
        id                               = "Z03263511EYH0OOGU55FJ_wwnorton.com_TXT"
        name                             = "wwnorton.com"
      ~ records                          = [
          - "_pl5efjyzfog0ovknkkvgzp51v1ar6ag",
          + "gpq7s0kj54vbnxqkwnrbdfr9rj53981g",
            # (15 unchanged elements hidden)
        ]
        # (6 unchanged attributes hidden)
    }

  # module.route53.aws_route53_record.records["wwnuat-com-apex-TXT-default"] will be updated in-place
  ~ resource "aws_route53_record" "records" {
        id                               = "Z057075684ZP1OM6HNOK_wwnuat.com_TXT"
        name                             = "wwnuat.com"
      ~ records                          = [
          - "_4ab2xm94w5bx9y9982evp0vukzmdvbz",
          + "_7ii3a865mrlphzh26jzgwif3ib7dvhw",
        ]
        # (6 unchanged attributes hidden)
    }

Plan: 0 to add, 2 to change, 0 to destroy.

─────────────────────────────────────────────────────────────────────────────

Note: You didn't use the -out option to save this plan, so Terraform can't
guarantee to take exactly these actions if you run "terraform apply" now.
accounts/production/s3_to_loki
DRIFT UNKNOWN CAUSE
Change may be older than the 90-day CloudTrail window, or this is Terraform code that has not been applied yet
View plan output
module.s3_to_loki["alb"].data.archive_file.lambda_zip: Reading...
module.s3_to_loki["alb"].data.archive_file.lambda_zip: Read complete after 0s [id=847a0f2737eebccba52f9184683d055e9deafbec]
module.s3_to_loki["alb"].aws_iam_policy.s3_to_loki: Refreshing state... [id=arn:aws:iam::100478842646:policy/s3_to_loki_alb_policy_prod]
module.s3_to_loki["alb"].aws_iam_role.s3_to_loki: Refreshing state... [id=s3_to_loki_alb_role_prod]
module.s3_to_loki["alb"].aws_iam_role_policy_attachment.s3_to_loki: Refreshing state... [id=s3_to_loki_alb_role_prod-20260302201513481600000001]
module.s3_to_loki["alb"].aws_lambda_function.s3_to_loki: Refreshing state... [id=s3_to_loki_alb_prod]
module.s3_to_loki["alb"].aws_lambda_permission.s3_invoke["eks-elb-logs-prod"]: Refreshing state... [id=AllowS3Invoke-eks-elb-logs-prod]
module.s3_to_loki["alb"].aws_s3_bucket_notification.s3_to_loki_trigger["eks-elb-logs-prod"]: Refreshing state... [id=eks-elb-logs-prod]

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  ~ update in-place

Terraform will perform the following actions:

  # module.s3_to_loki["alb"].aws_iam_policy.s3_to_loki will be updated in-place
  ~ resource "aws_iam_policy" "s3_to_loki" {
        id               = "arn:aws:iam::100478842646:policy/s3_to_loki_alb_policy_prod"
        name             = "s3_to_loki_alb_policy_prod"
      ~ policy           = jsonencode(
          ~ {
              ~ Statement = [
                    {
                        Action   = [
                            "s3:GetObject",
                        ]
                        Effect   = "Allow"
                        Resource = [
                            "arn:aws:s3:::eks-elb-logs-prod/*",
                        ]
                    },
                  - {
                      - Action   = [
                          - "s3:GetObject",
                          - "s3:ListBucket",
                        ]
                      - Effect   = "Allow"
                      - Resource = [
                          - "arn:aws:s3:::eks-elb-logs-prod",
                          - "arn:aws:s3:::eks-elb-logs-prod/*",
                        ]
                    },
                    {
                        Action   = [
                            "logs:CreateLogGroup",
                            "logs:CreateLogStream",
                            "logs:PutLogEvents",
                        ]
                        Effect   = "Allow"
                        Resource = "*"
                    },
                    # (1 unchanged element hidden)
                ]
                # (1 unchanged attribute hidden)
            }
        )
        tags             = {}
        # (6 unchanged attributes hidden)
    }

Plan: 0 to add, 1 to change, 0 to destroy.

─────────────────────────────────────────────────────────────────────────────

Note: You didn't use the -out option to save this plan, so Terraform can't
guarantee to take exactly these actions if you run "terraform apply" now.
accounts/production/sns
DRIFT UNKNOWN CAUSE
Change may be older than the 90-day CloudTrail window, or this is Terraform code that has not been applied yet
View plan output
module.sns.aws_sns_topic.wwnorton_sns_topics["clever-err-dev"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:clever-err-dev]
module.sns.aws_sns_topic.wwnorton_sns_topics["clever-sync-start-dev"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:clever-sync-start-dev]
module.sns.aws_sns_topic.wwnorton_sns_topics["WWN-PROD-ASG"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:WWN-PROD-ASG]
module.sns.aws_sns_topic.wwnorton_sns_topics["RDS-DB-Event"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:RDS-DB-Event]
module.sns.aws_sns_topic.wwnorton_sns_topics["WWN-LOWER-ASG"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:WWN-LOWER-ASG]
module.sns.aws_sns_topic.wwnorton_sns_topics["CloudWatch-Prod-Cluster-Alarm"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:CloudWatch-Prod-Cluster-Alarm]
module.sns.aws_sns_topic.wwnorton_sns_topics["Flashcards-auto-scaling"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:Flashcards-auto-scaling]
module.sns.aws_sns_topic.wwnorton_sns_topics["email-bounce-notifications"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:email-bounce-notifications]
module.sns.aws_sns_topic.wwnorton_sns_topics["devops-alert"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:devops-alert]
module.sns.aws_sns_topic.wwnorton_sns_topics["cosmos-game-update"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:cosmos-game-update]
module.sns.aws_sns_topic.wwnorton_sns_topics["clever-success-dev"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:clever-success-dev]
module.sns.aws_sns_topic.wwnorton_sns_topics["Site-to-site-VPN-Topic"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:Site-to-site-VPN-Topic]
module.sns.aws_sns_topic.wwnorton_sns_topics["WWN-PRD-ASG"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:WWN-PRD-ASG]
module.sns.aws_sns_topic.wwnorton_sns_topics["CloudStorageSecTopic-584z55e"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:CloudStorageSecTopic-584z55e]
module.sns.aws_sns_topic.wwnorton_sns_topics["aws-daily-security-reports"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:aws-daily-security-reports]
module.sns.aws_sns_topic.wwnorton_sns_topics["clever-sync-to-queue"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:clever-sync-to-queue]
module.sns.aws_sns_topic.wwnorton_sns_topics["clever-sync-dev"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:clever-sync-dev]
module.sns.aws_sns_topic.wwnorton_sns_topics["email-complaint-notifications"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:email-complaint-notifications]
module.sns.aws_sns_topic.wwnorton_sns_topics["email-volume-exceeds-threshold"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:email-volume-exceeds-threshold]
module.sns.aws_sns_topic.wwnorton_sns_topics["cloudcms-iig"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:cloudcms-iig]
module.sns.aws_sns_topic.wwnorton_sns_topics["NCI-PRD-AS-ELB"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:NCI-PRD-AS-ELB]
module.sns.aws_sns_topic.wwnorton_sns_topics["Shield-Alarms"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:Shield-Alarms]
module.sns.aws_sns_topic.wwnorton_sns_topics["url-monitoring-alerts"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:url-monitoring-alerts]
module.sns.aws_sns_topic.wwnorton_sns_topics["consolidated-security-notifications"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:consolidated-security-notifications]
module.sns.aws_sns_topic.wwnorton_sns_topics["WWN-LOWER-ECW"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:WWN-LOWER-ECW]
module.sns.aws_sns_topic.wwnorton_sns_topics["dinesh-test-alarm"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:dinesh-test-alarm]
module.sns.aws_sns_topic.wwnorton_sns_topics["security-group-alerts"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:security-group-alerts]
module.sns.aws_sns_topic.wwnorton_sns_topics["WWN-LOWER-WRK"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:WWN-LOWER-WRK]
module.sns.aws_sns_topic.wwnorton_sns_topics["searchandiser-update"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:searchandiser-update]
module.sns.aws_sns_topic.wwnorton_sns_topics["clever-error-notification"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:clever-error-notification]
module.sns.aws_sns_topic.wwnorton_sns_topics["CloudWatch_Alarms_Topic-Test_rcrisial"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:CloudWatch_Alarms_Topic-Test_rcrisial]
module.sns.aws_sns_topic.wwnorton_sns_topics["email-account-tracing"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:email-account-tracing]
module.sns.aws_sns_topic.wwnorton_sns_topics["WWNKC"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:WWNKC]
module.sns.aws_sns_topic.wwnorton_sns_topics["searchandiser-iig-nightly"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:searchandiser-iig-nightly]
module.sns.aws_sns_topic.wwnorton_sns_topics["EKS-CloudWatch-Alarm-SNS-Topic-prod"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:EKS-CloudWatch-Alarm-SNS-Topic-prod]
module.sns.aws_sns_topic.wwnorton_sns_topics["aws-cloudtrail-logs-100478842646-7553d9e8"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:aws-cloudtrail-logs-100478842646-7553d9e8]
module.sns.aws_sns_topic.wwnorton_sns_topics["DevOps_CloudWatch_Alarms_Topic"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:DevOps_CloudWatch_Alarms_Topic]
module.sns.aws_sns_topic.wwnorton_sns_topics["CloudStorageSecNotificationsTopic-584z55e"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:CloudStorageSecNotificationsTopic-584z55e]
module.sns.aws_sns_topic.wwnorton_sns_topics["aws-cloudtrail-logs-100478842646-2ef82391"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:aws-cloudtrail-logs-100478842646-2ef82391]
module.sns.aws_sns_topic.wwnorton_sns_topics["Norton-WAF-Backup-Notifications"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:Norton-WAF-Backup-Notifications]
module.sns.aws_sns_topic.wwnorton_sns_topics["clever-sync-production"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:clever-sync-production]
module.sns.aws_sns_topic.wwnorton_sns_topics["grade-sync-daily-reports"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:grade-sync-daily-reports]
module.sns.aws_sns_topic.wwnorton_sns_topics["ncia-grade-sync"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:ncia-grade-sync]
module.sns.aws_sns_topic.wwnorton_sns_topics["SW5-AS-Devops"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:SW5-AS-Devops]
module.sns.aws_sns_topic.wwnorton_sns_topics["clever-sync-start"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:clever-sync-start]
module.sns.aws_sns_topic.wwnorton_sns_topics["SNStopicForAllCISAlarms"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:SNStopicForAllCISAlarms]
module.sns.aws_sns_topic.wwnorton_sns_topics["ACM_PROD_Certificate_Renewal_Action"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:ACM_PROD_Certificate_Renewal_Action]
module.sns.aws_sns_topic.wwnorton_sns_topics["clever-sync-success"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:clever-sync-success]
module.sns.aws_sns_topic.wwnorton_sns_topics["notification-service-test"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:notification-service-test]
module.sns.aws_sns_topic.wwnorton_sns_topics["wwnorton-security-alerts"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:wwnorton-security-alerts]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["searchandiser-iig-nightly-lambda-arnawslambdauseast1100478842646functionNotificationsStackteamsmessage567993698spmZH2LysQP"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:searchandiser-iig-nightly:ce49201f-ac03-46bd-8a2e-e6287f499907]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["CloudWatch-Prod-Cluster-Alarm-email-devopswwnortoncom"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:CloudWatch-Prod-Cluster-Alarm:824b7de7-7c2d-4cab-9c98-1d2f2efcad35]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["clever-sync-production-email-pdietrichwwnortoncom"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:clever-sync-production:b08ec282-9be7-4b5d-8230-c61cb6939372]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["SW5-AS-Devops-email-devopswwnortoncom"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:SW5-AS-Devops:c19fd052-5df0-4070-a08a-c3ac906a3df2]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["CloudStorageSecTopic-584z55e-sqs-arnawssqsuseast1100478842646CloudStorageSecQueue584z55e"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:CloudStorageSecTopic-584z55e:305bbc6a-552d-4fd9-9b74-ea97f23392d8]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["ACM_PROD_Certificate_Renewal_Action-email-devopswwnortoncom"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:ACM_PROD_Certificate_Renewal_Action:87178173-c97d-4acf-9e31-32aff0656d27]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["clever-error-notification-email-pdietrichwwnortoncom"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:clever-error-notification:b4b9b75e-5113-4877-8e81-9c64f54118fb]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["WWNKC-email-devopswwnortoncom"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:WWNKC:d6b5d714-b411-4806-b81f-843e3b5a0337]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["searchandiser-update-lambda-arnawslambdauseast1100478842646functionpushToTeams"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:searchandiser-update:45d33d53-2933-42db-a47f-9469a018d79b]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["devops-alert-email-aelsasserwwnortoncom"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:devops-alert:afb1a2c3-755c-486e-a9b3-c6529d08e550]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["aws-daily-security-reports-email-devsecopswwnortoncom"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:aws-daily-security-reports:3032f4b3-2222-4371-addb-8477f4d34ffd]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["EKS-CloudWatch-Alarm-SNS-Topic-prod-https-httpsglobalsnsapichatbotamazonawscom"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:EKS-CloudWatch-Alarm-SNS-Topic-prod:2f9c21d7-5d58-46d0-b4a5-48afda06f5c9]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["clever-sync-start-email-pdietrichwwnortoncom"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:clever-sync-start:d7364805-e89b-4663-80d5-28ddfdf62f48]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["DevOps_CloudWatch_Alarms_Topic-email-devopswwnortoncom"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:DevOps_CloudWatch_Alarms_Topic:38ecb0a7-635a-4775-9db1-fb819d1e4c1a]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["Flashcards-auto-scaling-email-devopswwnortoncom"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:Flashcards-auto-scaling:758a9480-82cb-4758-9a63-4d9e6160788b]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["clever-error-notification-email-sshindewwnortoncom"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:clever-error-notification:b85db5e4-a786-4ae7-b103-cf15c49e0fbb]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["WWN-PRD-ASG-email-mzappwwnortoncom"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:WWN-PRD-ASG:afd57cdb-069e-4286-acfc-d6690ec07063]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["devops-alert-email-devopswwnortoncom"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:devops-alert:be343c74-ba9f-46d9-9915-c22a12195a89]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["WWN-LOWER-WRK-email-aelsasserwwnortoncom"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:WWN-LOWER-WRK:c8b3f43e-d65d-4419-9a96-2fb58205e61c]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["searchandiser-update-lambda-arnawslambdauseast1100478842646functionpushToSlack"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:searchandiser-update:f52bce0b-81b1-4e7e-ae90-f63b6c60f594]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["clever-sync-start-email-vprabhunewwnortoncom"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:clever-sync-start:6aa4c73d-bfbb-4725-bfe5-48a94f6a6f13]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["wwnorton-security-alerts-email-devsecopswwnortoncom"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:wwnorton-security-alerts:982aef23-8e55-4903-be99-d12e2073b94f]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["WWN-PROD-ASG-email-devopswwnortoncom"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:WWN-PROD-ASG:e72830b1-7ff9-4f8c-b2f3-d4ebd331e1ca]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["clever-sync-to-queue-email-pdietrichwwnortoncom"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:clever-sync-to-queue:c8640c7f-2eb7-42b9-9e6f-65f620827216]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["clever-sync-to-queue-email-sshindewwnortoncom"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:clever-sync-to-queue:f734d233-8bec-4bc3-9ced-dbb0ffc7a022]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["dinesh-test-alarm-email-dreddywwnortoncom"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:dinesh-test-alarm:80ae9064-0cc8-4089-aa5b-43ddaca8fdc3]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["clever-sync-to-queue-sqs-arnawssqsuseast1100478842646CleverSyncErrors"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:clever-sync-to-queue:70134f75-38ee-4d3c-8c85-54e5e483a6a6]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["clever-sync-dev-email-sdikewwnortoncom"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:clever-sync-dev:b8f9f159-a8a7-49b4-ba9f-b25dd325f0a4]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["SW5-AS-Devops-email-skambampatiwwnortoncom"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:SW5-AS-Devops:f0aed3e3-4245-4bc3-a399-78721fc50189]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["clever-sync-success-lambda-arnawslambdauseast1100478842646functionSNStoTeamsWorkflow"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:clever-sync-success:599201d4-0ed1-46ac-96d6-1131f8b6b2e1]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["cloudcms-iig-sqs-arnawssqsuseast1100478842646iignodejs"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:cloudcms-iig:cc1266b5-43fd-49f8-aa3a-2f85d2415ea0]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["searchandiser-iig-nightly-lambda-arnawslambdauseast1100478842646functionpushToSlack"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:searchandiser-iig-nightly:4a1118b4-e949-4dcf-833b-012ca94add41]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["dinesh-test-alarm-email-pdietrichwwnortoncom"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:dinesh-test-alarm:1c72d4d0-896a-4278-8caa-49b5f34c4711]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["clever-sync-to-queue-email-sdikewwnortoncom"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:clever-sync-to-queue:3f34723e-05ee-43ea-9827-c0ea79996520]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["clever-sync-dev-email-pdietrichwwnortoncom"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:clever-sync-dev:24e92b53-294d-4011-9d2b-83157f4cd66f]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["searchandiser-iig-nightly-email-webdevsupportwwnortoncom"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:searchandiser-iig-nightly:94d54b04-06ae-4dc0-b9dc-385d23978b2f]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["WWN-LOWER-ECW-email-aelsasserwwnortoncom"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:WWN-LOWER-ECW:bc1ecdf1-fd4a-4886-af3d-26087b3fc10e]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["searchandiser-update-lambda-arnawslambdauseast1100478842646functionNotificationsStackteamsmessage567993698spmZH2LysQP"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:searchandiser-update:926a45e6-beaf-4ccf-afbd-76689bd26daa]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["email-bounce-notifications-email-digitaldevwwnortoncom"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:email-bounce-notifications:76cfa1ff-21d1-407a-a529-00cb3a2ff478]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["email-account-tracing-email-devopswwnortoncom"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:email-account-tracing:9aae36dd-df71-4113-8928-31c8b4f30165]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["cosmos-game-update-email-pdietrichwwnortoncom"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:cosmos-game-update:fe0c952e-14dc-48ec-b014-b3bb31802a47]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["clever-sync-to-queue-email-mzappwwnortoncom"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:clever-sync-to-queue:3cd7bae5-2407-4f56-978e-0901208769d0]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["clever-sync-dev-lambda-arnawslambdauseast1100478842646functionSNStoTeamsWorkflow3"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:clever-sync-dev:881f1b53-ab1a-4479-9b6a-1e9a8f88ba72]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["email-complaint-notifications-email-digitaldevwwnortoncom"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:email-complaint-notifications:430412d3-2bb0-4328-a7ef-4c7b78032b87]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["clever-success-dev-email-pdietrichwwnortoncom"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:clever-success-dev:91e3780f-a5b8-4fa0-832e-b1796de7c20c]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["WWN-LOWER-ASG-email-devopswwnortoncom"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:WWN-LOWER-ASG:3cc61c3b-83b8-414b-9ef5-cd90160e55f1]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["clever-sync-start-email-sdikewwnortoncom"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:clever-sync-start:d38373fa-f2a6-45d9-ad1b-c3df08cff3cc]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["searchandiser-iig-nightly-lambda-arnawslambdauseast1100478842646functionpushToTeams"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:searchandiser-iig-nightly:708fb0a7-0e89-4691-aba0-8f66d3cc7556]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["clever-err-dev-email-pdietrichwwnortoncom"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:clever-err-dev:46cb09ba-c200-4a30-b012-144432da897a]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["notification-service-test-email-pdietrichwwnortoncom"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:notification-service-test:c457307f-4707-41f9-9c4f-6e4a8d51a342]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["clever-sync-production-lambda-arnawslambdauseast1100478842646functionSNStoTeamsWorkflow"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:clever-sync-production:c21a29cd-3fc5-49d2-81f2-a4c62b8e6c54]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["clever-sync-start-dev-email-pdietrichwwnortoncom"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:clever-sync-start-dev:ff98852b-8c6b-44ca-b79e-b0661b33dca2]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["Norton-WAF-Backup-Notifications-email-devsecopswwnortoncom"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:Norton-WAF-Backup-Notifications:12e6dbcb-b33f-4e0d-9c10-1e0bb50e98f3]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["devops-alert-sqs-arnawssqsuseast1100478842646DevOpsAlert"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:devops-alert:d16fd23d-34e0-443d-9244-97b6f919c160]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["searchandiser-update-email-pdietrichwwnortoncom"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:searchandiser-update:627af33e-649c-4308-a084-47612b9c6a48]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["email-volume-exceeds-threshold-email-devopswwnortoncom"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:email-volume-exceeds-threshold:74934a7c-7492-4504-b8bf-5acdb31abbeb]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["clever-error-notification-email-sdikewwnortoncom"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:clever-error-notification:5b63f1ed-628f-4151-91b9-cdb4f4c86ef6]
module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["clever-error-notification-email-rsrivastavawwnortoncom"]: Refreshing state... [id=arn:aws:sns:us-east-1:100478842646:clever-error-notification:08f35a5e-931e-4e87-bcc7-45777a4af557]

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["Norton-WAF-Backup-Notifications-email-devsecopswwnortoncom"] will be created
  + resource "aws_sns_topic_subscription" "wwnorton_sns_topic_subscriptions" {
      + arn                             = (known after apply)
      + confirmation_timeout_in_minutes = 1
      + confirmation_was_authenticated  = (known after apply)
      + endpoint                        = "devsecops@wwnorton.com"
      + endpoint_auto_confirms          = false
      + filter_policy_scope             = (known after apply)
      + id                              = (known after apply)
      + owner_id                        = (known after apply)
      + pending_confirmation            = (known after apply)
      + protocol                        = "email"
      + raw_message_delivery            = false
      + topic_arn                       = "arn:aws:sns:us-east-1:100478842646:Norton-WAF-Backup-Notifications"
    }

  # module.sns.aws_sns_topic_subscription.wwnorton_sns_topic_subscriptions["wwnorton-security-alerts-email-devsecopswwnortoncom"] will be created
  + resource "aws_sns_topic_subscription" "wwnorton_sns_topic_subscriptions" {
      + arn                             = (known after apply)
      + confirmation_timeout_in_minutes = 1
      + confirmation_was_authenticated  = (known after apply)
      + endpoint                        = "devsecops@wwnorton.com"
      + endpoint_auto_confirms          = false
      + filter_policy_scope             = (known after apply)
      + id                              = (known after apply)
      + owner_id                        = (known after apply)
      + pending_confirmation            = (known after apply)
      + protocol                        = "email"
      + raw_message_delivery            = false
      + topic_arn                       = "arn:aws:sns:us-east-1:100478842646:wwnorton-security-alerts"
    }

Plan: 2 to add, 0 to change, 0 to destroy.

─────────────────────────────────────────────────────────────────────────────

Note: You didn't use the -out option to save this plan, so Terraform can't
guarantee to take exactly these actions if you run "terraform apply" now.
accounts/security-testing/cloudwatch
CLEAN
accounts/security-testing/sns
CLEAN
accounts/security-testing/waf-ip-lists
CLEAN
accounts/security-testing/iam
DRIFT NON-AWS
Not tracked by AWS CloudTrail
View plan output
module.iam.data.aws_caller_identity.current: Reading...
module.iam.aws_iam_openid_connect_provider.gitlab[0]: Refreshing state... [id=arn:aws:iam::978355780665:oidc-provider/gitlab.com]
module.iam.aws_iam_policy.gitlab_oidc_pipeline[0]: Refreshing state... [id=arn:aws:iam::978355780665:policy/platform-infra-pipeline-security-testing-policy]
module.iam.data.aws_caller_identity.current: Read complete after 0s [id=978355780665]
module.iam.aws_iam_role.gitlab_oidc_pipeline[0]: Refreshing state... [id=platform-infra-pipeline-security-testing]
module.iam.aws_iam_role_policy_attachment.gitlab_oidc_pipeline[0]: Refreshing state... [id=platform-infra-pipeline-security-testing-20260702145101398100000001]

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  ~ update in-place
 <= read (data resources)

Terraform will perform the following actions:

  # module.iam.data.aws_iam_policy_document.gitlab_oidc_trust[0] will be read during apply
  # (depends on a resource or a module with changes pending)
 <= data "aws_iam_policy_document" "gitlab_oidc_trust" {
      + id            = (known after apply)
      + json          = (known after apply)
      + minified_json = (known after apply)

      + statement {
          + actions = [
              + "sts:AssumeRoleWithWebIdentity",
            ]
          + effect  = "Allow"

          + condition {
              + test     = "StringEquals"
              + values   = [
                  + "https://gitlab.com",
                ]
              + variable = "gitlab.com:aud"
            }
          + condition {
              + test     = "StringLike"
              + values   = [
                  + "project_path:wwnorton/ops/infrastructure:*",
                ]
              + variable = "gitlab.com:sub"
            }

          + principals {
              + identifiers = [
                  + "arn:aws:iam::978355780665:oidc-provider/gitlab.com",
                ]
              + type        = "Federated"
            }
        }
    }

  # module.iam.aws_iam_openid_connect_provider.gitlab[0] will be updated in-place
  ~ resource "aws_iam_openid_connect_provider" "gitlab" {
        id              = "arn:aws:iam::978355780665:oidc-provider/gitlab.com"
        tags            = {}
      ~ thumbprint_list = [
          - "d89e3bd43d5d909b47a18977aa9d5ce36cee184c",
        ]
        # (4 unchanged attributes hidden)
    }

  # module.iam.aws_iam_role.gitlab_oidc_pipeline[0] will be updated in-place
  ~ resource "aws_iam_role" "gitlab_oidc_pipeline" {
      ~ assume_role_policy    = jsonencode(
            {
              - Statement = [
                  - {
                      - Action    = "sts:AssumeRoleWithWebIdentity"
                      - Condition = {
                          - StringEquals = {
                              - "gitlab.com:aud" = "https://gitlab.com"
                            }
                          - StringLike   = {
                              - "gitlab.com:sub" = "project_path:wwnorton/ops/infrastructure:*"
                            }
                        }
                      - Effect    = "Allow"
                      - Principal = {
                          - Federated = "arn:aws:iam::978355780665:oidc-provider/gitlab.com"
                        }
                    },
                ]
              - Version   = "2012-10-17"
            }
        ) -> (known after apply)
        id                    = "platform-infra-pipeline-security-testing"
        name                  = "platform-infra-pipeline-security-testing"
        tags                  = {
            "Description" = "GitLab OIDC pipeline role for security-testing"
            "Environment" = "security-testing"
            "ManagedBy"   = "terraform"
            "Ticket"      = "PLAT-993"
        }
        # (8 unchanged attributes hidden)
    }

Plan: 0 to add, 2 to change, 0 to destroy.

─────────────────────────────────────────────────────────────────────────────

Note: You didn't use the -out option to save this plan, so Terraform can't
guarantee to take exactly these actions if you run "terraform apply" now.
accounts/security-testing/waf
DRIFT UNKNOWN CAUSE
Change may be older than the 90-day CloudTrail window, or this is Terraform code that has not been applied yet
View plan output
module.waf.data.aws_caller_identity.current: Reading...
module.waf.aws_cloudwatch_log_group.waf[0]: Refreshing state... [id=aws-waf-logs-norton-waf-security-testing]
module.waf.data.aws_region.current: Reading...
module.waf.data.aws_region.current: Read complete after 0s [id=us-east-1]
module.waf.data.aws_caller_identity.current: Read complete after 1s [id=978355780665]
module.waf.aws_cloudwatch_log_resource_policy.waf[0]: Refreshing state... [id=waf-logs-norton-waf-security-testing]
module.waf.aws_wafv2_web_acl.this: Refreshing state... [id=82de028f-8f4f-4838-bc4a-ebdf90796125]
module.waf.aws_wafv2_web_acl_logging_configuration.this[0]: Refreshing state... [id=arn:aws:wafv2:us-east-1:978355780665:regional/webacl/norton-waf-security-testing/82de028f-8f4f-4838-bc4a-ebdf90796125]

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  ~ update in-place

Terraform will perform the following actions:

  # module.waf.aws_wafv2_web_acl.this will be updated in-place
  ~ resource "aws_wafv2_web_acl" "this" {
        id            = "82de028f-8f4f-4838-bc4a-ebdf90796125"
        name          = "norton-waf-security-testing"
        tags          = {
            "Environment" = "security-testing"
            "ManagedBy"   = "Terraform"
            "Name"        = "norton-waf-security-testing"
        }
        # (7 unchanged attributes hidden)

      - rule {
          - name     = "AWSManagedRulesBotControlRuleSet" -> null
          - priority = 1 -> null

          - override_action {
              - count {}
            }

          - statement {
              - managed_rule_group_statement {
                  - name        = "AWSManagedRulesBotControlRuleSet" -> null
                  - vendor_name = "AWS" -> null

                  - managed_rule_group_configs {
                      - aws_managed_rules_bot_control_rule_set {
                          - enable_machine_learning = false -> null
                          - inspection_level        = "COMMON" -> null
                        }
                    }
                }
            }

          - visibility_config {
              - cloudwatch_metrics_enabled = true -> null
              - metric_name                = "AWSManagedRulesBotControlRuleSet" -> null
              - sampled_requests_enabled   = true -> null
            }
        }
      + rule {
          + name     = "AWSManagedRulesBotControlRuleSet"
          + priority = 1

          + override_action {
              + count {}
            }

          + statement {
              + managed_rule_group_statement {
                  + name        = "AWSManagedRulesBotControlRuleSet"
                  + vendor_name = "AWS"

                  + managed_rule_group_configs {
                      + aws_managed_rules_bot_control_rule_set {
                          + enable_machine_learning = true
                          + inspection_level        = "COMMON"
                        }
                    }
                }
            }

          + visibility_config {
              + cloudwatch_metrics_enabled = true
              + metric_name                = "AWSManagedRulesBotControlRuleSet"
              + sampled_requests_enabled   = true
            }
        }

        # (2 unchanged blocks hidden)
    }

Plan: 0 to add, 1 to change, 0 to destroy.

─────────────────────────────────────────────────────────────────────────────

Note: You didn't use the -out option to save this plan, so Terraform can't
guarantee to take exactly these actions if you run "terraform apply" now.
tokens/gitlab
CLEAN
accounts/wwnbusiness-services/config
ERROR NO AUDIT
View plan output
Planning failed. Terraform encountered an error while generating this plan.


Error: Invalid provider configuration

Provider "registry.terraform.io/hashicorp/aws" requires explicit
configuration. Add a provider block to the root module and configure the
provider's required arguments as described in the provider documentation.


Error: role ARN is not set

  with provider["registry.terraform.io/hashicorp/aws"],
  on <empty> line 0:
  (source code not available)
accounts/wwnbusiness-services/iam
ERROR NO AUDIT
View plan output
Planning failed. Terraform encountered an error while generating this plan.


Error: Invalid provider configuration

Provider "registry.terraform.io/hashicorp/aws" requires explicit
configuration. Add a provider block to the root module and configure the
provider's required arguments as described in the provider documentation.


Error: role ARN is not set

  with provider["registry.terraform.io/hashicorp/aws"],
  on <empty> line 0:
  (source code not available)
accounts/wwnbusiness-services/s3
ERROR NO AUDIT
View plan output
Planning failed. Terraform encountered an error while generating this plan.


Error: Invalid provider configuration

Provider "registry.terraform.io/hashicorp/aws" requires explicit
configuration. Add a provider block to the root module and configure the
provider's required arguments as described in the provider documentation.


Error: role ARN is not set

  with provider["registry.terraform.io/hashicorp/aws"],
  on <empty> line 0:
  (source code not available)
Generated by GitLab CI/CD · Pipeline #2663659154 · 2026-07-09 06:18:54 UTC