From e6d6b8bde79a397fe85017f0dd6683fb7eec938b Mon Sep 17 00:00:00 2001
From: Sarah Gibson <drsarahlgibson@gmail.com>
Date: Thu, 22 Aug 2024 17:22:50 +0100
Subject: [PATCH 1/3] Ensure EFS instances are encrypted

---
 terraform/aws/efs.tf | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/terraform/aws/efs.tf b/terraform/aws/efs.tf
index 29f064aa27..4463b01da7 100644
--- a/terraform/aws/efs.tf
+++ b/terraform/aws/efs.tf
@@ -43,10 +43,11 @@ data "aws_security_group" "cluster_nodes_shared_security_group" {
 # for an accurate cost allocation per hub of home directory storage.
 # https://github.com/2i2c-org/infrastructure/issues/4453
 resource "aws_efs_file_system" "hub_homedirs" {
-  for_each = var.filestores
-  tags = merge(var.tags, each.value.tags, {
+  for_each  = var.filestores
+  tags      = merge(var.tags, each.value.tags, {
     Name = each.value.name_suffix == null ? "hub-homedirs" : "hub-homedirs-${each.value.name_suffix}"
   })
+  encrypted = true
 
   # Transition files to a slower, cheaper backing medium 90 days
   # after they were last *accessed*. They will be transferred back to regular

From b020d89f0e704fb221c7a8781e84c615d3924a54 Mon Sep 17 00:00:00 2001
From: "pre-commit-ci[bot]"
 <66853113+pre-commit-ci[bot]@users.noreply.github.com>
Date: Thu, 22 Aug 2024 16:23:37 +0000
Subject: [PATCH 2/3] [pre-commit.ci] auto fixes from pre-commit.com hooks

for more information, see https://pre-commit.ci
---
 terraform/aws/efs.tf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/terraform/aws/efs.tf b/terraform/aws/efs.tf
index 4463b01da7..bddfb0aeef 100644
--- a/terraform/aws/efs.tf
+++ b/terraform/aws/efs.tf
@@ -43,8 +43,8 @@ data "aws_security_group" "cluster_nodes_shared_security_group" {
 # for an accurate cost allocation per hub of home directory storage.
 # https://github.com/2i2c-org/infrastructure/issues/4453
 resource "aws_efs_file_system" "hub_homedirs" {
-  for_each  = var.filestores
-  tags      = merge(var.tags, each.value.tags, {
+  for_each = var.filestores
+  tags = merge(var.tags, each.value.tags, {
     Name = each.value.name_suffix == null ? "hub-homedirs" : "hub-homedirs-${each.value.name_suffix}"
   })
   encrypted = true

From c4ab9aa52e6a146bac3f5801be4b6e490589b1ca Mon Sep 17 00:00:00 2001
From: Sarah Gibson <drsarahlgibson@gmail.com>
Date: Thu, 22 Aug 2024 18:16:57 +0100
Subject: [PATCH 3/3] Update servers IPs for staging and workshop EFS instances

---
 config/clusters/openscapes/staging.values.yaml  | 2 +-
 config/clusters/openscapes/workshop.values.yaml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/config/clusters/openscapes/staging.values.yaml b/config/clusters/openscapes/staging.values.yaml
index 7a83f0597a..0565ff8eb4 100644
--- a/config/clusters/openscapes/staging.values.yaml
+++ b/config/clusters/openscapes/staging.values.yaml
@@ -1,7 +1,7 @@
 basehub:
   nfs:
     pv:
-      serverIP: fs-05f0845c8a4f0b5a5.efs.us-west-2.amazonaws.com
+      serverIP: fs-0bede1dba0cd22029.efs.us-west-2.amazonaws.com
   userServiceAccount:
     annotations:
       eks.amazonaws.com/role-arn: arn:aws:iam::783616723547:role/openscapeshub-staging
diff --git a/config/clusters/openscapes/workshop.values.yaml b/config/clusters/openscapes/workshop.values.yaml
index 01908c9683..f512fee1c7 100644
--- a/config/clusters/openscapes/workshop.values.yaml
+++ b/config/clusters/openscapes/workshop.values.yaml
@@ -1,7 +1,7 @@
 basehub:
   nfs:
     pv:
-      serverIP: fs-0d709210a8154ad49.efs.us-west-2.amazonaws.com
+      serverIP: fs-09a9026ea8f4b4d3b.efs.us-west-2.amazonaws.com
   jupyterhub:
     custom:
       2i2c: