From 20c58fdc219c9126107ae69f85cf13ad4d69badd Mon Sep 17 00:00:00 2001 From: andrewpeng02 Date: Thu, 16 May 2024 21:24:01 -0500 Subject: [PATCH] update permissions --- dlp-terraform/ecs/ecs_django_service.tf | 5 +++++ dlp-terraform/ecs/ecs_training_service.tf | 12 ++---------- frontend/next.config.js | 2 +- 3 files changed, 8 insertions(+), 11 deletions(-) diff --git a/dlp-terraform/ecs/ecs_django_service.tf b/dlp-terraform/ecs/ecs_django_service.tf index 910bfb45..8a317e39 100644 --- a/dlp-terraform/ecs/ecs_django_service.tf +++ b/dlp-terraform/ecs/ecs_django_service.tf @@ -10,6 +10,11 @@ resource "aws_iam_role" "django_ecs_task_role" { } data "aws_iam_policy_document" "django_inline_policy" { + statement { + actions = ["sqs:SendMessage", "sqs:GetQueueAttributes"] + resources = [aws_sqs_queue.training_queue.arn] + } + statement { actions = ["secretsmanager:GetSecretValue"] resources = ["arn:aws:secretsmanager:us-east-1:521654603461:secret:DLP/Firebase/Admin_SDK-8g8IDn"] diff --git a/dlp-terraform/ecs/ecs_training_service.tf b/dlp-terraform/ecs/ecs_training_service.tf index d10d8662..32ab0ae2 100644 --- a/dlp-terraform/ecs/ecs_training_service.tf +++ b/dlp-terraform/ecs/ecs_training_service.tf @@ -11,12 +11,12 @@ resource "aws_iam_role" "training_ecs_task_role" { data "aws_iam_policy_document" "training_inline_policy" { statement { - actions = ["sqs:ReceiveMessage"] + actions = ["sqs:ReceiveMessage", "sqs:GetQueueAttributes", "sqs:ChangeMessageVisibility"] resources = [aws_sqs_queue.training_queue.arn] } statement { - actions = ["s3:ListBucket", "s3:GetObject"] + actions = ["s3:PutObject"] resources = [aws_s3_bucket.s3bucket_executions.arn] } } @@ -72,14 +72,6 @@ resource "aws_ecs_service" "training" { lifecycle { ignore_changes = [desired_count] } - - # load_balancer { - # target_group_arn = aws_lb_target_group.app.arn - # container_name = "training" - # container_port = 8000 - # } - - # depends_on = [aws_lb_target_group.app] } # --- ECS Service Auto Scaling --- diff --git a/frontend/next.config.js b/frontend/next.config.js index 2e1609f6..51d2a54a 100644 --- a/frontend/next.config.js +++ b/frontend/next.config.js @@ -25,7 +25,7 @@ const nextConfig = { source: "/api/training/:path*", destination: process.env.ENVIRONMENT === "production" - ? "http://alb-785155211.us-east-1.elb.amazonaws.com/api/:path*" // note, this url changes every time you destroy/apply Terraform + ? "http://alb-1805434018.us-east-1.elb.amazonaws.com/api/:path*" // note, this url changes every time you destroy/apply Terraform : "http://127.0.0.1:8000/api/:path*", }, ],