dbt-platform-helper 15.3.0__py3-none-any.whl → 15.16.0__py3-none-any.whl

dbt_platform_helper/COMMANDS.md

@@ -25,6 +25,7 @@
     - [platform-helper pipeline](#platform-helper-pipeline)
         - [platform-helper pipeline generate](#platform-helper-pipeline-generate)
     - [platform-helper secrets](#platform-helper-secrets)
+        - [platform-helper secrets create](#platform-helper-secrets-create)
         - [platform-helper secrets copy](#platform-helper-secrets-copy)
         - [platform-helper secrets list](#platform-helper-secrets-list)
     - [platform-helper notify](#platform-helper-notify)
@@ -63,6 +64,7 @@ platform-helper <command> [--version]
 - [`database` ↪](#platform-helper-database)
 - [`environment` ↪](#platform-helper-environment)
 - [`generate` ↪](#platform-helper-generate)
+- [`internal` ↪](#platform-helper-internal)
 - [`notify` ↪](#platform-helper-notify)
 - [`pipeline` ↪](#platform-helper-pipeline)
 - [`secrets` ↪](#platform-helper-secrets)
@@ -600,7 +602,7 @@ This is generated from the terraform/environments-pipeline/<aws_account>/main.tf
 ## Usage
 
 ```
-platform-helper secrets (copy|list) 
+platform-helper secrets (create|copy|list) 
 ```
 
 ## Options
@@ -611,30 +613,53 @@ platform-helper secrets (copy|list)
 ## Commands
 
 - [`copy` ↪](#platform-helper-secrets-copy)
+- [`create` ↪](#platform-helper-secrets-create)
 - [`list` ↪](#platform-helper-secrets-list)
 
-# platform-helper secrets copy
+# platform-helper secrets create
 
 [↩ Parent](#platform-helper-secrets)
 
-    Copy secrets from one environment to a new environment.
+    Create a Parameter Store secret for all environments of an
+    application.
 
 ## Usage
 
 ```
-platform-helper secrets copy <source_environment> <target_environment> 
-                             --project-profile <project_profile> 
+platform-helper secrets create --app <application> --name <name> [--overwrite] 
 ```
 
-## Arguments
+## Options
 
-- `source_environment <text>`
-- `target_environment <text>`
+- `--app <text>`
+  - Application name.
+- `--name <text>`
+  - Secret name (automatically uppercased).
+- `--overwrite <boolean>` _Defaults to False._
+  - Allows overwriting the value of secrets if they already exist.
+- `--help <boolean>` _Defaults to False._
+  - Show this message and exit.
+
+# platform-helper secrets copy
+
+[↩ Parent](#platform-helper-secrets)
+
+    Copy secrets from one environment to another.
+
+## Usage
+
+```
+platform-helper secrets copy --app <application> --source <source> --target <target> 
+```
 
 ## Options
 
-- `--project-profile <text>`
-  - AWS account profile name
+- `--app <text>`
+  - Application name.
+- `--source <text>`
+  - Source environment where to copy secrets from.
+- `--target <text>`
+  - Destination environment where to copy secrets to.
 - `--help <boolean>` _Defaults to False._
   - Show this message and exit.
 
@@ -642,7 +667,7 @@ platform-helper secrets copy <source_environment> <target_environment>
 
 [↩ Parent](#platform-helper-secrets)
 
-    List secret names and values for an environment.
+    [DELETED] List secret names and values for an environment.
 
 ## Usage
 

dbt_platform_helper/commands/application.py

@@ -281,12 +281,13 @@ def task_stats(env, app, disk, storage, network):
         memory,
         dsk,
     ) in cpu_response["results"]:
+        cpu_value = f"{float(cpu['value']):.1f}" + "%"
         values = [
             f"{YELLOW}{taskdef['value'].split('-')[-1]}",
             f"{YELLOW}{task['value']}",
             f"{YELLOW}{task_def_revision['value']}",
             f"{YELLOW}{status['value']}",
-            f"{YELLOW}{'%.1f' % float(cpu['value']) + '%'}",
+            f"{YELLOW}{cpu_value}",
             f"{YELLOW}{memory['value'] + 'M'}",
         ]
 

dbt_platform_helper/commands/conduit.py

@@ -27,7 +27,7 @@ def conduit(addon_name: str, app: str, env: str, access: str):
     """Opens a shell for a given addon_name create a conduit connection to
     interact with postgres, opensearch or redis."""
     PlatformHelperVersioning().check_if_needs_update()
-    application = load_application(app)
+    application = load_application(app=app, env=env)
 
     try:
         secrets_provider: Secrets = Secrets(

dbt_platform_helper/commands/environment.py

@@ -8,7 +8,11 @@ from dbt_platform_helper.platform_exception import PlatformException
 from dbt_platform_helper.providers.cloudformation import CloudFormation
 from dbt_platform_helper.providers.config import ConfigProvider
 from dbt_platform_helper.providers.config_validator import ConfigValidator
+from dbt_platform_helper.providers.environment_variable import (
+    EnvironmentVariableProvider,
+)
 from dbt_platform_helper.providers.io import ClickIOProvider
+from dbt_platform_helper.providers.terraform_manifest import TerraformManifestProvider
 from dbt_platform_helper.providers.vpc import VpcProvider
 from dbt_platform_helper.utils.application import load_application
 from dbt_platform_helper.utils.aws import get_aws_session_or_abort
@@ -91,7 +95,14 @@ def generate_terraform(name):
     try:
         session = get_aws_session_or_abort()
         config_provider = ConfigProvider(ConfigValidator(session=session))
-        TerraformEnvironment(config_provider).generate(name)
+        platform_helper_versioning = PlatformHelperVersioning(
+            click_io,
+            config_provider,
+            EnvironmentVariableProvider(),
+        )
+        TerraformEnvironment(
+            config_provider, TerraformManifestProvider(), click_io, platform_helper_versioning
+        ).generate(name)
 
     except PlatformException as err:
         click_io.abort_with_error(str(err))

dbt_platform_helper/commands/generate.py

@@ -3,7 +3,6 @@ import click
 
 from dbt_platform_helper.commands.copilot import make_addons
 from dbt_platform_helper.commands.pipeline import generate as pipeline_generate
-from dbt_platform_helper.domain.versioning import PlatformHelperVersioning
 from dbt_platform_helper.utils.click import ClickDocOptCommand
 
 
@@ -16,6 +15,5 @@ def generate(ctx: click.Context):
 
     Wraps pipeline generate and make-addons.
     """
-    PlatformHelperVersioning().check_platform_helper_version_mismatch()
     ctx.invoke(pipeline_generate)
     ctx.invoke(make_addons)

dbt_platform_helper/commands/internal.py

@@ -0,0 +1,140 @@
+import click
+
+from dbt_platform_helper.domain.service import ServiceManager
+from dbt_platform_helper.domain.update_alb_rules import UpdateALBRules
+from dbt_platform_helper.domain.versioning import PlatformHelperVersioning
+from dbt_platform_helper.platform_exception import PlatformException
+from dbt_platform_helper.providers.autoscaling import AutoscalingProvider
+from dbt_platform_helper.providers.config import ConfigProvider
+from dbt_platform_helper.providers.config_validator import ConfigValidator
+from dbt_platform_helper.providers.ecs import ECS
+from dbt_platform_helper.providers.io import ClickIOProvider
+from dbt_platform_helper.providers.logs import LogsProvider
+from dbt_platform_helper.providers.s3 import S3Provider
+from dbt_platform_helper.utils.application import load_application
+from dbt_platform_helper.utils.aws import get_aws_session_or_abort
+from dbt_platform_helper.utils.click import ClickDocOptGroup
+
+
+@click.group(cls=ClickDocOptGroup)
+def internal():
+    """Internal commands for use within pipelines or by Platform Team."""
+
+
+@internal.command()
+def migrate_service_manifests():
+    """Migrate copilot manifests to service manifests."""
+    click_io = ClickIOProvider()
+
+    try:
+        service_manager = ServiceManager()
+        service_manager.migrate_copilot_manifests()
+    except PlatformException as error:
+        click_io.abort_with_error(str(error))
+
+
+@internal.group(cls=ClickDocOptGroup)
+def service():
+    """Subgroup for 'internal service' commands."""
+
+
+@service.command(help="Trigger an ECS deployment.")
+@click.option("--name", required=True, help="The name of the ECS service to create or update.")
+@click.option(
+    "--env",
+    required=True,
+    help="The name of the environment where the ECS service will be created or updated.",
+)
+@click.option(
+    "--image-tag",
+    required=True,
+    help="Image tag to deploy for the service(s). Takes precedence over the $IMAGE_TAG environment variable.",
+)
+def deploy(name, env, image_tag):
+    """Register a new ECS task definition from an S3 JSON template, update the
+    ECS service, and tail CloudWatch logs until the ECS rollout is complete."""
+    click_io = ClickIOProvider()
+
+    try:
+
+        config = ConfigProvider(ConfigValidator()).get_enriched_config()
+        application_name = config.get("application", "")
+        application = load_application(app=application_name, env=env)
+
+        ecs_client = application.environments[env].session.client("ecs")
+        ssm_client = application.environments[env].session.client("ssm")
+        s3_client = application.environments[env].session.client("s3")
+        logs_client = application.environments[env].session.client("logs")
+        autoscaling_client = application.environments[env].session.client("application-autoscaling")
+
+        ecs_provider = ECS(
+            ecs_client=ecs_client,
+            ssm_client=ssm_client,
+            application_name=application.name,
+            env=env,
+        )
+        s3_provider = S3Provider(client=s3_client)
+        logs_provider = LogsProvider(client=logs_client)
+        autoscaling_provider = AutoscalingProvider(client=autoscaling_client)
+
+        service_manager = ServiceManager(
+            ecs_provider=ecs_provider,
+            s3_provider=s3_provider,
+            logs_provider=logs_provider,
+            autoscaling_provider=autoscaling_provider,
+        )
+        service_manager.deploy(
+            service=name,
+            environment=env,
+            application=application.name,
+            image_tag=image_tag,
+        )
+    except PlatformException as error:
+        click_io.abort_with_error(str(error))
+
+
+@service.command(help="Generate Terraform manifest for the specified service(s).")
+@click.option(
+    "--name",
+    required=False,
+    help="The name of the service(s) to generate service manifest(s) for.",
+    multiple=True,
+)
+@click.option(
+    "--env",
+    required=True,
+    help="The name of the environment to generate service manifests for.",
+)
+def generate(name, env):
+    """Validates the service-config.yml format, applies the environment-specific
+    overrides, and generates a Terraform manifest at
+    /terraform/services/<environment>/<service>/main.tf.json."""
+
+    services = list(name)
+    click_io = ClickIOProvider()
+
+    try:
+        service_manager = ServiceManager()
+        service_manager.generate(environment=env, services=services)
+
+    except PlatformException as err:
+        click_io.abort_with_error(str(err))
+
+
+@internal.group(cls=ClickDocOptGroup)
+def alb():
+    """Load Balancer related commands."""
+    PlatformHelperVersioning().check_if_needs_update()
+
+
+@alb.command()
+@click.option("--env", type=str, required=True)
+def update_rules(env: str):
+    """Update alb rules based on service-deployment-mode for a given
+    environment."""
+    try:
+        session = get_aws_session_or_abort()
+        update_aws = UpdateALBRules(session)
+        update_aws.update_alb_rules(environment=env)
+    except PlatformException as err:
+        ClickIOProvider().abort_with_error(str(err))

dbt_platform_helper/commands/pipeline.py

@@ -6,9 +6,12 @@ from dbt_platform_helper.domain.versioning import PlatformHelperVersioning
 from dbt_platform_helper.providers.config import ConfigProvider
 from dbt_platform_helper.providers.config_validator import ConfigValidator
 from dbt_platform_helper.providers.ecr import ECRProvider
+from dbt_platform_helper.providers.environment_variable import (
+    EnvironmentVariableProvider,
+)
+from dbt_platform_helper.providers.files import FileProvider
 from dbt_platform_helper.providers.io import ClickIOProvider
 from dbt_platform_helper.providers.terraform_manifest import TerraformManifestProvider
-from dbt_platform_helper.utils.aws import get_codestar_connection_arn
 from dbt_platform_helper.utils.click import ClickDocOptGroup
 from dbt_platform_helper.utils.git import git_remote
 
@@ -43,15 +46,24 @@ def generate(deploy_branch: str):
       The `terraform/codebase-pipelines/main.tf.json` file is generated using this configuration.
       The `main.tf.json` file is then used to generate Terraform for creating a codebase pipeline resource.
     """
+    config_provider = ConfigProvider(ConfigValidator())
+    environment_variable_provider = EnvironmentVariableProvider()
     io = ClickIOProvider()
+    platform_helper_versioning = PlatformHelperVersioning(
+        io,
+        config_provider,
+        environment_variable_provider,
+    )
+
     try:
         pipelines = Pipelines(
-            ConfigProvider(ConfigValidator()),
+            config_provider,
             TerraformManifestProvider(),
             ECRProvider(),
             git_remote,
-            get_codestar_connection_arn,
             io,
+            FileProvider(),
+            platform_helper_versioning,
         )
         pipelines.generate(deploy_branch)
     except Exception as exc:

dbt_platform_helper/commands/secrets.py

@@ -1,17 +1,12 @@
 #!/usr/bin/env python
 
-from pathlib import Path
 
 import click
-from botocore.exceptions import ClientError
-from cloudfoundry_client.client import CloudFoundryClient
 
+from dbt_platform_helper.domain.secrets import Secrets
 from dbt_platform_helper.domain.versioning import PlatformHelperVersioning
-from dbt_platform_helper.utils.application import get_application_name
-from dbt_platform_helper.utils.aws import SSM_BASE_PATH
-from dbt_platform_helper.utils.aws import get_aws_session_or_abort
-from dbt_platform_helper.utils.aws import get_ssm_secrets
-from dbt_platform_helper.utils.aws import set_ssm_param
+from dbt_platform_helper.platform_exception import PlatformException
+from dbt_platform_helper.providers.io import ClickIOProvider
 from dbt_platform_helper.utils.click import ClickDocOptGroup
 
 
@@ -19,100 +14,53 @@ def secret_should_be_skipped(secret_name):
     return "AWS_" in secret_name
 
 
-def get_paas_env_vars(client: CloudFoundryClient, paas: str) -> dict:
-    org, space, app = paas.split("/")
-
-    env_vars = None
-
-    for paas_org in client.v2.organizations:
-        if paas_org["entity"]["name"] == org:
-            for paas_space in paas_org.spaces():
-                if paas_space["entity"]["name"] == space:
-                    for paas_app in paas_space.apps():
-                        if paas_app["entity"]["name"] == app:
-                            env_vars = paas_app["entity"]["environment_json"]
-
-    if not env_vars:
-        raise Exception(f"Application {paas} not found")
-
-    return dict(env_vars)
-
-
 @click.group(chain=True, cls=ClickDocOptGroup)
 def secrets():
     PlatformHelperVersioning().check_if_needs_update()
 
 
 @secrets.command()
-@click.argument("source_environment")
-@click.argument("target_environment")
-@click.option("--project-profile", required=True, help="AWS account profile name")
-def copy(project_profile, source_environment, target_environment):
-    """Copy secrets from one environment to a new environment."""
-    get_aws_session_or_abort(project_profile)
-
-    if not Path(f"copilot/environments/{target_environment}").exists():
-        click.echo(f"""Target environment manifest for "{target_environment}" does not exist.""")
-        exit(1)
-
-    app_name = get_application_name()
-    secrets = get_ssm_secrets(app_name, source_environment)
-
-    for secret in secrets:
-        secret_name = secret[0].replace(f"/{source_environment}/", f"/{target_environment}/")
-
-        if secret_should_be_skipped(secret_name):
-            continue
-
-        click.echo(secret_name)
-
-        try:
-            set_ssm_param(
-                app_name,
-                target_environment,
-                secret_name,
-                secret[1],
-                False,
-                False,
-                f"Copied from {source_environment} environment.",
-            )
-        except ClientError as e:
-            if e.response["Error"]["Code"] == "ParameterAlreadyExists":
-                click.secho(
-                    f"""The "{secret_name.split("/")[-1]}" parameter already exists for the "{target_environment}" environment.""",
-                    fg="yellow",
-                )
-            else:
-                raise e
+@click.option("--app", help="Application name.", required=True)
+@click.option("--name", help="Secret name (automatically uppercased).", required=True)
+@click.option(
+    "--overwrite",
+    is_flag=True,
+    default=False,
+    help="Allows overwriting the value of secrets if they already exist.",
+)
+def create(app: str, name: str, overwrite: bool):
+    """Create a Parameter Store secret for all environments of an
+    application."""
+
+    try:
+        Secrets().create(app, name, overwrite)
+    except PlatformException as err:
+        ClickIOProvider().abort_with_error(str(err))
 
 
 @secrets.command()
-@click.argument("app", type=str, required=True)
-@click.argument("env", type=str, required=True)
-def list(app, env):
-    """List secret names and values for an environment."""
-
-    session = get_aws_session_or_abort()
-    client = session.client("ssm")
-
-    path = SSM_BASE_PATH.format(app=app, env=env)
-
-    params = dict(Path=path, Recursive=False, WithDecryption=True, MaxResults=10)
-    secrets = []
+@click.option("--app", help="Application name.", required=True)
+@click.option("--source", help="Source environment where to copy secrets from.", required=True)
+@click.option("--target", help="Destination environment where to copy secrets to.", required=True)
+def copy(app, source, target):
+    """Copy secrets from one environment to another."""
 
-    while True:
-        response = client.get_parameters_by_path(**params)
+    try:
+        Secrets().copy(app, source, target)
+    except PlatformException as err:
+        ClickIOProvider().abort_with_error(str(err))
 
-        for secret in response["Parameters"]:
-            secrets.append(f"{secret['Name']:<8}: {secret['Value']:<15}")
 
-        if "NextToken" in response:
-            params["NextToken"] = response["NextToken"]
-        else:
-            break
+@secrets.command()
+@click.argument("app", type=str, required=True)
+@click.argument("env", type=str, required=True)
+def list(app, env):
+    """[DELETED] List secret names and values for an environment."""
 
-    # TODO: DBTP-1953: When we refactor this, the above could probably just use dbt_platform_helper.utils.aws.get_ssm_secret_names so we would end up with print("\n".join(get_ssm_secret_names(app, env)))
-    print("\n".join(sorted(secrets)))
+    click.secho(
+        message="\nThis command has been removed to prevent accidental exposure of secret values in local terminals and logs. To view secrets, log into your AWS account and head over to AWS Parameter Store https://eu-west-2.console.aws.amazon.com/systems-manager/parameters/\n",
+        fg="magenta",
+    )
 
 
 if __name__ == "__main__":

dbt_platform_helper/commands/version.py

@@ -25,7 +25,8 @@ def get_platform_helper_for_project(pipeline):
 
     Version preferences removed, requires specifying platform-helper version in platform-config.yml
     """
+    io = ClickIOProvider()
     try:
-        PlatformHelperVersioning().get_required_version()
+        io.info(PlatformHelperVersioning().get_required_version())
     except PlatformException as err:
-        ClickIOProvider().abort_with_error(str(err))
+        io.abort_with_error(str(err))

dbt_platform_helper/constants.py

@@ -1,5 +1,18 @@
 # TODO: DBTP-1888: Move to Config provider
+REPO_ORG = "uktrade"
 PLATFORM_CONFIG_FILE = "platform-config.yml"
+SERVICE_DIRECTORY = "services"
+SERVICE_CONFIG_FILE = "service-config.yml"
+ENVIRONMENT_PIPELINE_MODULE_PATH = (
+    "git::git@github.com:uktrade/platform-tools.git//terraform/environment-pipelines?depth=1&ref="
+)
+
+CODEBASE_PIPELINE_MODULE_PATH = (
+    "git::git@github.com:uktrade/platform-tools.git//terraform/codebase-pipelines?depth=1&ref="
+)
+EXTENSIONS_MODULE_PATH = (
+    "git::git@github.com:uktrade/platform-tools.git//terraform/extensions?depth=1&ref="
+)
 PLATFORM_HELPER_VERSION_OVERRIDE_KEY = "PLATFORM_HELPER_VERSION_OVERRIDE"
 TERRAFORM_EXTENSIONS_MODULE_SOURCE_OVERRIDE_ENV_VAR = "TERRAFORM_EXTENSIONS_MODULE_SOURCE_OVERRIDE"
 TERRAFORM_ENVIRONMENT_PIPELINES_MODULE_SOURCE_OVERRIDE_ENV_VAR = (
@@ -8,13 +21,19 @@ TERRAFORM_ENVIRONMENT_PIPELINES_MODULE_SOURCE_OVERRIDE_ENV_VAR = (
 TERRAFORM_CODEBASE_PIPELINES_MODULE_SOURCE_OVERRIDE_ENV_VAR = (
     "TERRAFORM_CODEBASE_PIPELINES_MODULE_SOURCE_OVERRIDE"
 )
+TERRAFORM_ECS_SERVICE_MODULE_SOURCE_OVERRIDE_ENV_VAR = (
+    "TERRAFORM_ECS_SERVICE_MODULE_SOURCE_OVERRIDE"
+)
+TERRAFORM_MODULE_SOURCE_TYPE_ENV_VAR = "TERRAFORM_MODULE_SOURCE_TYPE"  # "LOCAL", "SSH", "OVERRIDE"
+IMAGE_TAG_ENV_VAR = "IMAGE_TAG"
 PLATFORM_HELPER_PACKAGE_NAME = "dbt-platform-helper"
-SUPPORTED_TERRAFORM_VERSION = "~> 1.8"
-SUPPORTED_AWS_PROVIDER_VERSION = "~> 5"
+SUPPORTED_TERRAFORM_VERSION = "~> 1.11"
+SUPPORTED_AWS_PROVIDER_VERSION = "~> 6"
 FIRST_UPGRADABLE_PLATFORM_HELPER_MAJOR_VERSION = 13
 
 MERGED_TPM_PLATFORM_HELPER_VERSION = 14
 PLATFORM_CONFIG_SCHEMA_VERSION = 1
+SERVICE_CONFIG_SCHEMA_VERSION = 1
 
 # Keys
 CODEBASE_PIPELINES_KEY = "codebase_pipelines"
@@ -37,3 +56,20 @@ SERVICE_NAME_SUFFIX = f"Service-{COPILOT_IDENTIFIER}"
 REFRESH_TOKEN_MESSAGE = (
     "To refresh this SSO session run `aws sso login` with the corresponding profile"
 )
+COPILOT_RULE_PRIORITY = 48000
+PLATFORM_RULE_STARTING_PRIORITY = 10000
+RULE_PRIORITY_INCREMENT = 100
+DUMMY_RULE_REASON = "DummyRule"
+MAINTENANCE_PAGE_TAGS = ["MaintenancePage", "AllowedIps", "BypassIpFilter", "AllowedSourceIps"]
+MAINTENANCE_PAGE_REASON = "MaintenancePage"
+MANAGED_BY_PLATFORM = "DBT Platform"
+MANAGED_BY_SERVICE_TERRAFORM = "DBT Platform - Service Terraform"
+MANAGED_BY_PLATFORM_TERRAFORM = "DBT Platform - Terraform"
+STANDARD_PLATFORM_SSO_ROLES = [
+    "AdministratorAccess",
+    "DBTPlatformDeveloperWrite",
+    "DBTPlatformDeveloperRead",
+]
+ROUTED_TO_PLATFORM_MODES = ["platform", "dual-deploy-platform-traffic"]
+ROUTED_TO_COPILOT_MODES = ["copilot", "dual-deploy-copilot-traffic"]
+HTTP_SERVICE_TYPES = ["Load Balanced Web Service"]

dbt_platform_helper/domain/conduit.py

@@ -1,3 +1,4 @@
+import json
 from abc import ABC
 from abc import abstractmethod
 from typing import Callable
@@ -56,10 +57,16 @@ class TerraformConduitStrategy(ConduitECSStrategy):
 
     def get_data(self):
         self.io.info("Starting conduit in Terraform mode.")
-        return {
-            "cluster_arn": self.ecs_provider.get_cluster_arn_by_name(
+        try:
+            cluster_arn = self.ecs_provider.get_cluster_arn_by_name(
+                f"{self.application.name}-{self.env}-cluster"
+            )
+        except:
+            cluster_arn = self.ecs_provider.get_cluster_arn_by_name(
                 f"{self.application.name}-{self.env}"
-            ),
+            )
+        return {
+            "cluster_arn": cluster_arn,
             "task_def_family": self._generate_container_name(),
             "vpc_name": self._resolve_vpc_name(),
             "addon_type": self.addon_type,
@@ -94,8 +101,10 @@ class TerraformConduitStrategy(ConduitECSStrategy):
                 },
             ]
 
+        cluster_name = data_context["cluster_arn"].split("/")[-1]
+
         self.ecs_provider.start_ecs_task(
-            f"{self.application.name}-{self.env}",
+            cluster_name,
             self._generate_container_name(),
             data_context["task_def_family"],
             vpc_config,
@@ -110,14 +119,18 @@ class TerraformConduitStrategy(ConduitECSStrategy):
 
     def _resolve_vpc_name(self):
         ssm_client = self.clients["ssm"]
-        parameter_key = f"/conduit/{self.application.name}/{self.env}/{_normalise_secret_name(self.addon_name)}_VPC_NAME"
+        parameter_key = f"/platform/applications/{self.application.name}/environments/{self.env}"
 
         try:
-            response = ssm_client.get_parameter(Name=parameter_key)
-            return response["Parameter"]["Value"]
+            response = ssm_client.get_parameter(Name=parameter_key)["Parameter"]["Value"]
+            return json.loads(response)["vpc_name"]
         except ssm_client.exceptions.ParameterNotFound:
             self.io.abort_with_error(
-                f"Could not find VPC name for {self.addon_name}. Missing SSM param: {parameter_key}"
+                f"Could not find AWS SSM parameter {parameter_key}. Please ensure your environment Terraform is up to date."
+            )
+        except KeyError:
+            self.io.abort_with_error(
+                f"The parameter {parameter_key} exists but does not contain the 'vpc_name' field. Please ensure your environment Terraform is up to date."
             )
 
 
@@ -326,7 +339,7 @@ class Conduit:
         data_context = strategy.get_data()
 
         data_context["task_arns"] = self.ecs_provider.get_ecs_task_arns(
-            data_context["cluster_arn"], data_context["task_def_family"]
+            cluster=data_context["cluster_arn"], task_def_family=data_context["task_def_family"]
         )
 
         info_log = (