Adding terraform changes to repo

hack4impact-upenn · Jan 24, 2025 · fa5bc0f · fa5bc0f
1 parent d5a169c
commit fa5bc0f
Show file tree

Hide file tree

Showing 4 changed files with 35 additions and 34 deletions.
diff --git a/infrastructure/backend/.terraform.lock.hcl b/infrastructure/backend/.terraform.lock.hcl
diff --git a/infrastructure/backend/main.tf b/infrastructure/backend/main.tf
@@ -57,7 +57,7 @@ resource "aws_ecs_task_definition" "app" {
         { "name" : "ATLAS_URI", "value" : var.atlas_uri },
         { "name" : "COOKIE_SECRET", "value" : var.cookie_secret },
         { "name" : "SENDGRID_API_KEY", "value" : var.sendgrid_api_key },
-        { "name" : "SENDGRID_EMAIL_ADDRESS", "value" : var.sendgrid_email_address }
+        { "name" : "SENDGRID_EMAIL_ADDRESS", "value" : var.sendgrid_email_address },
         { "name" : "MIXPANEL_TOKEN", "value" : var.mixpanel_token },
       ],
       logConfiguration = {
@@ -325,46 +325,46 @@ data "aws_iam_role" "ecs_task_execution_role" {
   name = "ecs_task_execution_role"
 }
 
-data "aws_iam_policy" "cloudwatch_logs_policy" {
-  arn = "arn:aws:iam::${var.aws_account_id}:policy/ECSLogsPolicy"
-}
+# data "aws_iam_policy" "cloudwatch_logs_policy" {
+#   arn = "arn:aws:iam::${var.aws_account_id}:policy/ECSLogsPolicy"
+# }
 
 resource "aws_iam_role_policy_attachment" "ecs_task_execution_policy_attachment" {
   role       = data.aws_iam_role.ecs_task_execution_role.name
   policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy"
 }
 
-# resource "aws_iam_policy" "cloudwatch_logs_policy" {
-#   name        = "ECSLogsPolicy"
-#   description = "Allow ECS Task Execution Role to push logs to CloudWatch"
-
-#   policy = jsonencode({
-#     Version = "2012-10-17",
-#     Statement = [
-#       {
-#         Effect = "Allow",
-#         Action = [
-#           "logs:CreateLogStream",
-#           "logs:CreateLogGroup"
-#         ],
-#         Resource = "arn:aws:logs:*:*:*"
-#       },
-#       {
-#         Effect = "Allow",
-#         Action = [
-#           "logs:PutLogEvents"
-#         ],
-#         Resource = [
-#           "arn:aws:logs:*:*:log-group:/ecs/*:log-stream:*",
-#           "arn:aws:logs:*:*:log-group:/ecs/*"
-#         ]
-#       }
-#     ]
-#   })
-# }
+resource "aws_iam_policy" "cloudwatch_logs_policy" {
+  name        = "ECSLogsPolicy"
+  description = "Allow ECS Task Execution Role to push logs to CloudWatch"
+
+  policy = jsonencode({
+    Version = "2012-10-17",
+    Statement = [
+      {
+        Effect = "Allow",
+        Action = [
+          "logs:CreateLogStream",
+          "logs:CreateLogGroup"
+        ],
+        Resource = "arn:aws:logs:*:*:*"
+      },
+      {
+        Effect = "Allow",
+        Action = [
+          "logs:PutLogEvents"
+        ],
+        Resource = [
+          "arn:aws:logs:*:*:log-group:/ecs/*:log-stream:*",
+          "arn:aws:logs:*:*:log-group:/ecs/*"
+        ]
+      }
+    ]
+  })
+}
 
 resource "aws_iam_role_policy_attachment" "cloudwatch_logs_policy_attachment" {
   role       = data.aws_iam_role.ecs_task_execution_role.name
-  policy_arn = data.aws_iam_policy.cloudwatch_logs_policy.arn
+  policy_arn = aws_iam_policy.cloudwatch_logs_policy.arn
 }
 
diff --git a/infrastructure/backend/tfplan b/infrastructure/backend/tfplan
diff --git a/infrastructure/backend/variables.tf b/infrastructure/backend/variables.tf
@@ -17,7 +17,7 @@ variable "region" {
 }
 
 variable "cluster_name" {
-  default     = "app-cluster"
+  default     = "catalyst-kitchens"
   type        = string
   description = "Name of the ECS cluster"
 }