From 1b09e29edbd9082ffd26d48436c38348636c9356 Mon Sep 17 00:00:00 2001 From: Marty Fox Date: Mon, 18 Mar 2024 11:48:48 +0000 Subject: [PATCH 1/6] Updating shuttering documentation to match new method for shuttering --- .../path-to-live/shutter.html.md.erb | 112 ++++++++++++++---- 1 file changed, 92 insertions(+), 20 deletions(-) diff --git a/source/cloud-native-platform/path-to-live/shutter.html.md.erb b/source/cloud-native-platform/path-to-live/shutter.html.md.erb index a5941908..f76c5a5d 100644 --- a/source/cloud-native-platform/path-to-live/shutter.html.md.erb +++ b/source/cloud-native-platform/path-to-live/shutter.html.md.erb @@ -1,6 +1,6 @@ --- title: Shutter Implementation and Design -last_reviewed_on: 2024-01-25 +last_reviewed_on: 2024-03-18 review_in: 6 months weight: 5 --- @@ -8,47 +8,119 @@ weight: 5 # <%= current_page.data.title %> ## Purpose + The purpose of this document is to describe the shutter solution design and its end to end implementation. -## Solution +## Implementation and Customization + +### Solution + +Shutter Solution Design Docs -![Shutter Solution Design Docs](/images/shutter_solution_static_webapp.png) +### Default shutter page -## Default shutter page By default the following shutter page is used as per the GOV.UK patterns [service-unavailable-pages](https://design-system.service.gov.uk/patterns/service-unavailable-pages/) +### Implementation -## Implementation and Customization Creating and Enabling the shutter solution for an application is a 3 step process as outlined below: - By default, all applications are provisioned with an `Azure Static Web App`. If you wish to exclude this feature, you can set the value of [shutter_app](https://github.com/hmcts/azure-platform-terraform/blob/697bea554cad5b19f5e822b859fd3a86b32e4ce3/environments/prod/prod.tfvars#L2316) to `false`. - To upload static content to an Azure Web App, you can use the repository named [azure-shutter-pages](https://github.com/hmcts/azure-shutter-pages). - Enable shutter with a DNS swap - ### Enable shutter with a DNS swap -Now everything is setup to render shutter page. Swap the DNS from Azure FrontDoor to Azure Static Web App endpoint with the following steps + +With everything setup to render a shutter page you can now swap the DNS from Azure FrontDoor to the Azure Static Web App endpoint. This is only relevant for A and CNAME type records. - Clone the [azure-public-dns](https://github.com/hmcts/azure-public-dns) repository +- Create a branch for your change +- Within the `environments` and `shuttering` folders check that a file exists for the environment and DNS zone you need to change e.g. `environments/prod/platform-hmcts-net.yaml` - Lets assume this application need to be shuttered `www.decree-absolute.apply-divorce.service.gov.uk` -- Create a PR with the appropriate [prod zone](https://github.com/hmcts/azure-public-dns/blob/a24128ffdc47687937cbab37aaa46040786c7955/environments/prod/apply-divorce-service-gov-uk.yml#L41) -- The above contents will be updated as follows: +- Find the relevant file relating to the DNS zone `apply-divorce-service-gov-uk` (and the environment being shuttered) and make sure there is a [record](https://github.com/hmcts/azure-public-dns/blob/a24128ffdc47687937cbab37aaa46040786c7955/environments/prod/apply-divorce-service-gov-uk.yml#L41) for the service +- Now check that an equivalent shuttering [configuration](https://github.com/hmcts/azure-public-dns/blob/27f3b5df3a1d3b847f2ca196e77a41c9ab896cc1/shuttering/prod/apply-divorce-service-gov-uk.yml#L20) exists for this record + -
+ Adding a missing shutter config + +
+- If the shutter config exists, changing the shutter value from false to true is all that is required to enable shuttering for this service. + -
+ What happens when you change the shutter value +

Setting shutter: true will enable the shutter page and redirect all the traffic to Azure CDN.
+ Setting shutter: false will disable the shutter page and redirect all the traffic back to Azure Frontdoor.

+
+- Create a PR with the changes and have it reviewed. Once merged this will update the exist record to point to the Azure Static Web App endpoint. -``` -- name: "www.decree-absolute" - ttl: 300 - record: "hmcts-prod.azurefd.net" - shutter: true -``` +This is a self service request and does not require Platform Operations to create, approve or merge. Therefore this can be done out of hours without having Platform Operations around for shuttering only. + +## Record Types + +There are two record types that allow shuttering to be enabled. +These are: + +- A records + - The "A" stands for "address" and this is the most fundamental type of DNS record. It indicates the IPv4 address of a given domain. +- CNAME records + - A "canonical name" (CNAME) record points from an alias domain to a "canonical" domain. A CNAME record is used in lieu of an A record, when a domain or subdomain is an alias of another domain. All CNAME records must point to a domain, never to an IP address. + +### Shuttering A record types + +A record types have some specific requirements with regard to shuttering. A records typically only allow IP addresses to be used BUT within Azure it is possible to direct A records to Azure resources, known as alias records. +This means we can direct A record types to Azure services such as Azure Front Door or Azure Web Apps. + +The way DNS has been setup for this project, an A record can have one of the following set: -`shutter: true` will enable the shutter page and redirect all the traffic to Azure CDN. -`shutter: false` will disable the shutter page and redirect all the traffic back to Azure Frontdoor. +- **record** - either a single IP or a list of IP addresses +- **shutter_resource_id** - an Alias to an Azure resource specifically used for shuttering +- **alias_target_resource_id** - an Alias to an Azure resource if not IP is used, can also be used for shutting but preference should be shutter_resource_id -This is a self service request and does not require Platform Operations to create, approve or merge. -Therefore this can be done out of hours without having Platform Operations around for shuttering only. +For shuttering purposes if you need to shutter an A record it must> have one of the following settings in the A record configuration: + +- **shutter_resource_id** +- **alias_target_resource_id** + +This is a requirement and failing to set one of these values on your A record before shuttering will result in the CI pipelines failing and your site may be in a limbo state until reverted or updated and re-run. + +### Shuttering CNAME record types + +CNAME records are much easier to shutter, for each record an equivalent shutter config must exist, as detailed in the Enable shuttering with a DNS swap section. + +Simply enable or disable the shutter using True/False values ## Shuttering Errors Shuttering error message - 404 Not Found - we couldn't find the page, please check the URL and try again - this occurs when browsing to folders after the main URL, which have not been set up for shuttering. Therefore teams need to update their custom shutter page. -See [azure-shutter-pages](https://github.com/hmcts/azure-shutter-pages) repository for examples, where there is shutter pages for further directories beyond the main URL. For example: [et-pet](https://github.com/hmcts/azure-shutter-pages/tree/master/et-pet) \ No newline at end of file +See [azure-shutter-pages](https://github.com/hmcts/azure-shutter-pages) repository for examples, where there is shutter pages for further directories beyond the main URL. For example: [et-pet](https://github.com/hmcts/azure-shutter-pages/tree/master/et-pet) + + + + + +Use the following steps to enable shuttering: + +Clone the azure-public-dns repository +Create a branch for your change +Within the environments and shuttering folders check that a file exists for the environment and DNS zone you need to change e.g. environments/prod/platform-hmcts-net.yaml +Lets assume the application that needs to be shuttered is: www.decree-absolute.apply-divorce.service.gov.uk +Find the relevant file relating to the DNS zone apply-divorce-service-gov-uk (and the environment being shuttered) and make sure there is a record for the service +Now check that an equivalent shuttering configuration exists for this record +Adding a missing shutter config +If no shutter config exists you will need to add it. +The shuttering file names match the environment file names so make sure to add it to the correct file. In this example we would need to add the shutter config value to shuttering/prod/apply-divorce-service-gov-uk.yml +When adding a new shutter value, the name field must match that of the DNS record, this is how we know which shutter config matches which DNS record +- name: "www.decree-absolute" + shutter: true +If the shutter config exists, changing the shutter value from false to true is all that is required to enable shuttering for this service. +What happens when you change the shutter value +Setting shutter: true will enable the shutter page and redirect all the traffic to Azure CDN. +Setting shutter: false will disable the shutter page and redirect all the traffic back to Azure Frontdoor. + +Create a PR with the changes and have it reviewed. Once merged this will update the exist record to point to the Azure Static Web App endpoint. +This is a self service request and does not require Platform Operations to create, approve or merge. Therefore this can be done out of hours without having Platform Operations around for shuttering only. \ No newline at end of file From d90406f4c2758a8992c2f3364b11512f802fad1d Mon Sep 17 00:00:00 2001 From: Marty Fox Date: Wed, 20 Mar 2024 12:43:29 +0000 Subject: [PATCH 2/6] remove unnecessary text from shuttering doc --- .../path-to-live/shutter.html.md.erb | 51 ++++++------------- 1 file changed, 15 insertions(+), 36 deletions(-) diff --git a/source/cloud-native-platform/path-to-live/shutter.html.md.erb b/source/cloud-native-platform/path-to-live/shutter.html.md.erb index f76c5a5d..3f969cc0 100644 --- a/source/cloud-native-platform/path-to-live/shutter.html.md.erb +++ b/source/cloud-native-platform/path-to-live/shutter.html.md.erb @@ -33,13 +33,15 @@ Creating and Enabling the shutter solution for an application is a 3 step proces With everything setup to render a shutter page you can now swap the DNS from Azure FrontDoor to the Azure Static Web App endpoint. This is only relevant for A and CNAME type records. -- Clone the [azure-public-dns](https://github.com/hmcts/azure-public-dns) repository -- Create a branch for your change -- Within the `environments` and `shuttering` folders check that a file exists for the environment and DNS zone you need to change e.g. `environments/prod/platform-hmcts-net.yaml` -- Lets assume this application need to be shuttered `www.decree-absolute.apply-divorce.service.gov.uk` -- Find the relevant file relating to the DNS zone `apply-divorce-service-gov-uk` (and the environment being shuttered) and make sure there is a [record](https://github.com/hmcts/azure-public-dns/blob/a24128ffdc47687937cbab37aaa46040786c7955/environments/prod/apply-divorce-service-gov-uk.yml#L41) for the service -- Now check that an equivalent shuttering [configuration](https://github.com/hmcts/azure-public-dns/blob/27f3b5df3a1d3b847f2ca196e77a41c9ab896cc1/shuttering/prod/apply-divorce-service-gov-uk.yml#L20) exists for this record - -
+1. Clone the [azure-public-dns](https://github.com/hmcts/azure-public-dns) repository +2. Create a branch for your change +3. Within the `environments` and `shuttering` folders check that a file exists for the environment and DNS zone you need to change e.g. `environments/prod/platform-hmcts-net.yaml` +4. Lets assume this application need to be shuttered `www.decree-absolute.apply-divorce.service.gov.uk` +5. Find the relevant file relating to the DNS zone `apply-divorce-service-gov-uk` (and the environment being shuttered) and make sure there is a [record](https://github.com/hmcts/azure-public-dns/blob/a24128ffdc47687937cbab37aaa46040786c7955/environments/prod/apply-divorce-service-gov-uk.yml#L41) for the service + +6. Now check that an equivalent shuttering [configuration](https://github.com/hmcts/azure-public-dns/blob/27f3b5df3a1d3b847f2ca196e77a41c9ab896cc1/shuttering/prod/apply-divorce-service-gov-uk.yml#L20) exists for this record + +-
Adding a missing shutter config
  • If no shutter config exists you will need to add it.
    • @@ -49,13 +51,16 @@ With everything setup to render a shutter page you can now swap the DNS from Azu shutter: true
-- If the shutter config exists, changing the shutter value from false to true is all that is required to enable shuttering for this service. - -
+ +7. If the shutter config exists, changing the shutter value from false to true is all that is required to enable shuttering for this service. + +-
What happens when you change the shutter value

Setting shutter: true will enable the shutter page and redirect all the traffic to Azure CDN.
Setting shutter: false will disable the shutter page and redirect all the traffic back to Azure Frontdoor.

-- Create a PR with the changes and have it reviewed. Once merged this will update the exist record to point to the Azure Static Web App endpoint. + +8. Create a PR with the changes and have it reviewed. Once merged this will update the exist record to point to the Azure Static Web App endpoint. This is a self service request and does not require Platform Operations to create, approve or merge. Therefore this can be done out of hours without having Platform Operations around for shuttering only. @@ -98,29 +103,3 @@ Simply enable or disable the shutter using True/False values Shuttering error message - 404 Not Found - we couldn't find the page, please check the URL and try again - this occurs when browsing to folders after the main URL, which have not been set up for shuttering. Therefore teams need to update their custom shutter page. See [azure-shutter-pages](https://github.com/hmcts/azure-shutter-pages) repository for examples, where there is shutter pages for further directories beyond the main URL. For example: [et-pet](https://github.com/hmcts/azure-shutter-pages/tree/master/et-pet) - - - - - -Use the following steps to enable shuttering: - -Clone the azure-public-dns repository -Create a branch for your change -Within the environments and shuttering folders check that a file exists for the environment and DNS zone you need to change e.g. environments/prod/platform-hmcts-net.yaml -Lets assume the application that needs to be shuttered is: www.decree-absolute.apply-divorce.service.gov.uk -Find the relevant file relating to the DNS zone apply-divorce-service-gov-uk (and the environment being shuttered) and make sure there is a record for the service -Now check that an equivalent shuttering configuration exists for this record -Adding a missing shutter config -If no shutter config exists you will need to add it. -The shuttering file names match the environment file names so make sure to add it to the correct file. In this example we would need to add the shutter config value to shuttering/prod/apply-divorce-service-gov-uk.yml -When adding a new shutter value, the name field must match that of the DNS record, this is how we know which shutter config matches which DNS record -- name: "www.decree-absolute" - shutter: true -If the shutter config exists, changing the shutter value from false to true is all that is required to enable shuttering for this service. -What happens when you change the shutter value -Setting shutter: true will enable the shutter page and redirect all the traffic to Azure CDN. -Setting shutter: false will disable the shutter page and redirect all the traffic back to Azure Frontdoor. - -Create a PR with the changes and have it reviewed. Once merged this will update the exist record to point to the Azure Static Web App endpoint. -This is a self service request and does not require Platform Operations to create, approve or merge. Therefore this can be done out of hours without having Platform Operations around for shuttering only. \ No newline at end of file From 04ab090646f16cd238465a33fa2b838f331eac78 Mon Sep 17 00:00:00 2001 From: Marty Fox Date: Wed, 20 Mar 2024 14:57:42 +0000 Subject: [PATCH 3/6] Adding a section to document for shutter_all optino --- .../path-to-live/shutter.html.md.erb | 92 ++++++++++++++----- 1 file changed, 70 insertions(+), 22 deletions(-) diff --git a/source/cloud-native-platform/path-to-live/shutter.html.md.erb b/source/cloud-native-platform/path-to-live/shutter.html.md.erb index 3f969cc0..d981d3c8 100644 --- a/source/cloud-native-platform/path-to-live/shutter.html.md.erb +++ b/source/cloud-native-platform/path-to-live/shutter.html.md.erb @@ -31,6 +31,8 @@ Creating and Enabling the shutter solution for an application is a 3 step proces ### Enable shutter with a DNS swap +#### Individual Records + With everything setup to render a shutter page you can now swap the DNS from Azure FrontDoor to the Azure Static Web App endpoint. This is only relevant for A and CNAME type records. 1. Clone the [azure-public-dns](https://github.com/hmcts/azure-public-dns) repository @@ -38,31 +40,77 @@ With everything setup to render a shutter page you can now swap the DNS from Azu 3. Within the `environments` and `shuttering` folders check that a file exists for the environment and DNS zone you need to change e.g. `environments/prod/platform-hmcts-net.yaml` 4. Lets assume this application need to be shuttered `www.decree-absolute.apply-divorce.service.gov.uk` 5. Find the relevant file relating to the DNS zone `apply-divorce-service-gov-uk` (and the environment being shuttered) and make sure there is a [record](https://github.com/hmcts/azure-public-dns/blob/a24128ffdc47687937cbab37aaa46040786c7955/environments/prod/apply-divorce-service-gov-uk.yml#L41) for the service - 6. Now check that an equivalent shuttering [configuration](https://github.com/hmcts/azure-public-dns/blob/27f3b5df3a1d3b847f2ca196e77a41c9ab896cc1/shuttering/prod/apply-divorce-service-gov-uk.yml#L20) exists for this record + -
+ Adding a missing shutter config +
    +
  • If no shutter config exists you will need to add it.
    • +
  • The shuttering file names match the environment file names so make sure to add it to the correct file. In this example we would need to add the shutter config value to shuttering/prod/apply-divorce-service-gov-uk.yml
    • +
  • When adding a new shutter value, the name field must match that of the DNS record, this is how we know which shutter config matches which DNS record
    • + 
    - name: "www.decree-absolute"
+        shutter: true
    +
+
+7. If the shutter config exists, changing the shutter value from false to true is all that is required to enable shuttering for this service. + -
+ What happens when you change the shutter value +

Setting shutter: true will enable the shutter page and redirect all traffic to Azure CDN.
+ Setting shutter: false will disable the shutter page and redirect all traffic back to Azure Frontdoor.

+
+8. Create a PR with the changes and have it reviewed. Once merged this will update the exist record to point to the Azure Static Web App endpoint. --
- Adding a missing shutter config -
    -
  • If no shutter config exists you will need to add it.
    • -
  • The shuttering file names match the environment file names so make sure to add it to the correct file. In this example we would need to add the shutter config value to shuttering/prod/apply-divorce-service-gov-uk.yml
    • -
  • When adding a new shutter value, the name field must match that of the DNS record, this is how we know which shutter config matches which DNS record
    • - 
    - name: "www.decree-absolute"
-      shutter: true
    -
-
+#### All Records in a single DNS Zone -7. If the shutter config exists, changing the shutter value from false to true is all that is required to enable shuttering for this service. +Shuttering all records in a single DNS zone follows a similar process to individual records. --
- What happens when you change the shutter value -

Setting shutter: true will enable the shutter page and redirect all the traffic to Azure CDN.
- Setting shutter: false will disable the shutter page and redirect all the traffic back to Azure Frontdoor.

-
+The ability to shutter all records in a single DNS zone allows for a complete service to be placed into shuttering for maintenance or upgrade purposes without needing to change every single record configuration. -8. Create a PR with the changes and have it reviewed. Once merged this will update the exist record to point to the Azure Static Web App endpoint. +This is a quality of life change, the functionality of the shuttering remains the same. -This is a self service request and does not require Platform Operations to create, approve or merge. Therefore this can be done out of hours without having Platform Operations around for shuttering only. +1. Clone the [azure-public-dns](https://github.com/hmcts/azure-public-dns) repository +2. Create a branch for your change +3. Within the `environments` and `shuttering` folders check that a file exists for the environment and DNS zone you need to change e.g. `environments/prod/platform-hmcts-net.yaml` +4. Lets assume this zone needs to be shuttered `apply-divorce.service.gov.uk` +5. Find the relevant file relating to the DNS zone `apply-divorce-service-gov-uk` (and the environment being shuttered) +6. Now check that an equivalent shuttering [configuration](https://github.com/hmcts/azure-public-dns/blob/27f3b5df3a1d3b847f2ca196e77a41c9ab896cc1/shuttering/prod/apply-divorce-service-gov-uk.yml) exists for this record + -
+ Adding a missing shutter config +
    +
  • If no shutter config exists you will need to add it.
    • +
  • In the event that there is no shutter file with a name that matches the environment file it can be created by copying any existing file and renaming it to match the environment file name. In our example this would be shuttering/prod/apply-divorce-service-gov-uk.yml
    • +
  • In this new file, make sure to remove any existing A and CNAME records and replace these with values from the DNS Zone in question
    • +
  • If this DNS zone has never had a shutter configuration then the component will also need to be updated.
    • +
  • Find the component for the DNS zone and add the following config, in this example the file would be: components/prod/apply-divorce.tf and the example config to add should be added to the file. +
    • + 
    data "local_file" "apply_divorce_shutter_config" {
+            filename = "${path.cwd}/../../shuttering/prod/apply-divorce-service-gov-uk.yml"
+        }
    
+        module "apply-divorce" {
+          // existing config
+          shutter_config      = data.local_file.apply_divorce_shutter_config.content
+        }
    +
  • With this in place Terraform will now use this file and its configuration to shutter records in the DNS zone (e.g. apply-divorce-service-gov-uk) +
+
+7. If the shutter already config exists, you can then shutter all records in the zone in one of two ways: + - Use the `shutter_all` option to shutter every record in the zone, this overrides all other values in the shuttering config file. + - Use the individual `shutter_all_a` or `shutter_all_cname` options to shutter only that record type. These override all values for that specific record type; A or CNAME. This allows more granular control whilst still offering the option to shutter many records at once saving time. +8. What happens when you change these shutter values + -
+ Effect +

Setting shutter_all: true will enable the shutter pages and redirect all traffic to Azure CDN for EVERY record in that zone.
+ Setting shutter_all_a: false will enable the shutter pages and redirect all traffic to Azure CDN for EVERY A record in that zone.
+ Setting shutter_all_cname: false will enable the shutter pages and redirect all traffic to Azure CDN for EVERY CNAME record in that zone.
+

+ -
+ Heirarchy + shutter_all is a master switch and overrides all other values.
+ shutter_all_a and shutter_all_cname are exclusive and will not overlap or affect each other.

+
+9. Create a PR with the changes and have it reviewed. Once merged this will update the exist record to point to the Azure Static Web App endpoint. + + +This is a self service request and **does not** require Platform Operations to create, approve or merge. Therefore this can be done out of hours without having Platform Operations around for shuttering only. ## Record Types @@ -85,7 +133,7 @@ The way DNS has been setup for this project, an A record can have one of the fol - **shutter_resource_id** - an Alias to an Azure resource specifically used for shuttering - **alias_target_resource_id** - an Alias to an Azure resource if not IP is used, can also be used for shutting but preference should be shutter_resource_id -For shuttering purposes if you need to shutter an A record it must> have one of the following settings in the A record configuration: +For shuttering purposes if you need to shutter an A record it **must** have one of the following settings in the A record configuration: - **shutter_resource_id** - **alias_target_resource_id** @@ -94,9 +142,9 @@ This is a requirement and failing to set one of these values on your A record be ### Shuttering CNAME record types -CNAME records are much easier to shutter, for each record an equivalent shutter config must exist, as detailed in the Enable shuttering with a DNS swap section. +CNAME records are much easier to shutter, for each record an equivalent shutter config must exist, as detailed in the *[Individual Records](#individual-records)* section. -Simply enable or disable the shutter using True/False values +As long as there is a matching shutter config for the DNS record you can update the shutter value to true to enable a shutter. ## Shuttering Errors From 7703608ac5b8a0aa96e13e11e3c62106e4603df9 Mon Sep 17 00:00:00 2001 From: Marty Fox Date: Wed, 20 Mar 2024 15:01:27 +0000 Subject: [PATCH 4/6] spell check --- source/cloud-native-platform/path-to-live/shutter.html.md.erb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source/cloud-native-platform/path-to-live/shutter.html.md.erb b/source/cloud-native-platform/path-to-live/shutter.html.md.erb index d981d3c8..298ddf28 100644 --- a/source/cloud-native-platform/path-to-live/shutter.html.md.erb +++ b/source/cloud-native-platform/path-to-live/shutter.html.md.erb @@ -103,7 +103,7 @@ This is a quality of life change, the functionality of the shuttering remains th Setting shutter_all_cname: false will enable the shutter pages and redirect all traffic to Azure CDN for EVERY CNAME record in that zone.
-
- Heirarchy + Hierarchy shutter_all is a master switch and overrides all other values.
shutter_all_a and shutter_all_cname are exclusive and will not overlap or affect each other.

From 8dc71380abd76d7872688e80471c28a29c4ddcc2 Mon Sep 17 00:00:00 2001 From: Marty Fox Date: Wed, 20 Mar 2024 15:03:27 +0000 Subject: [PATCH 5/6] adding cname as an allowed word --- .github/actions/spelling/expect.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/actions/spelling/expect.txt b/.github/actions/spelling/expect.txt index 762663cc..547bb50e 100644 --- a/.github/actions/spelling/expect.txt +++ b/.github/actions/spelling/expect.txt @@ -9,6 +9,7 @@ brfxgseqf btcqhe bueqa cdd +cname cpen dbdveha DLRM From f77945c180216181ae2ee8a00fcdc3972f9daba8 Mon Sep 17 00:00:00 2001 From: Marty Fox Date: Thu, 21 Mar 2024 12:37:27 +0000 Subject: [PATCH 6/6] adding additional info to help understand where the values for A records come from --- .../path-to-live/shutter.html.md.erb | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/source/cloud-native-platform/path-to-live/shutter.html.md.erb b/source/cloud-native-platform/path-to-live/shutter.html.md.erb index 298ddf28..288c919e 100644 --- a/source/cloud-native-platform/path-to-live/shutter.html.md.erb +++ b/source/cloud-native-platform/path-to-live/shutter.html.md.erb @@ -138,7 +138,21 @@ For shuttering purposes if you need to shutter an A record it **must** have one - **shutter_resource_id** - **alias_target_resource_id** -This is a requirement and failing to set one of these values on your A record before shuttering will result in the CI pipelines failing and your site may be in a limbo state until reverted or updated and re-run. +Here you can see an example of an A record that uses [both](https://github.com/hmcts/azure-public-dns/blob/master/environments/prod/apply-to-adopt-a-child-placed-in-your-care-service-gov-uk.yml#L8). + +- You can see that the A record is an Alias, because it uses **alias_target_resource_id** instead of an IP **record** and it also has a **shutter_resource_id** entry that points to an Azure Static Web App which is discussed in the [implementation](#implementation) section. + +Setting **shutter_resource_id** you can use the following format: + + shutter_resource_id = /subscriptions//resourceGroups/cft-platform-shutter-webapp--rg/providers/Microsoft.Web/staticSites/ + +Where you should replace: + +- subId = subscription Id where the static WebApp is stored, this will match the environment that you are deploying the shutter for e.g. An `sbox deployed app` = `DCD-CFTAPPS-SBOX` = `b72ab7b7-723f-4b18-b6f6-03b0f2c6a1bb` +- env - the `environment` name for the resource group that contains the web app, again this will be the same as the environment for the app being shuttered +- service name - This will match the name of your application. For example based on the example linked above, the static web app name is `adoption` + +**This is a requirement and failing to set one of these values on your A record before shuttering will result in the CI pipelines failing and your site may be in a limbo state until reverted or updated and re-run.** ### Shuttering CNAME record types