Skip to content

Commit 54faf9e

Browse files
author
Yuriy Bezsonov
committed
WIP: refactoring - fix jvm
1 parent 593d74b commit 54faf9e

2 files changed

Lines changed: 19 additions & 30 deletions

File tree

infrastructure/cdk/src/main/java/com/unicorn/core/InfrastructureEks.java

Lines changed: 14 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -44,20 +44,20 @@ private void createRolesEks() {
4444
"UnicornStoreEksPodRole-" + "AmazonBedrockLimitedAccess",
4545
"arn:aws:iam::aws:policy/AmazonBedrockLimitedAccess"));
4646

47-
unicornStoreEksPodRole.addToPolicy(PolicyStatement.Builder.create()
48-
.effect(Effect.ALLOW)
49-
.actions(List.of(
50-
"ecs:ListTasks",
51-
"ecs:DescribeTasks",
52-
"ecs:ListServices",
53-
"ecs:DescribeServices",
54-
"ecs:ListClusters",
55-
"ecs:DescribeClusters",
56-
"ecs:ListContainerInstances",
57-
"ecs:DescribeContainerInstances"
58-
))
59-
.resources(List.of("*"))
60-
.build());
47+
// unicornStoreEksPodRole.addToPolicy(PolicyStatement.Builder.create()
48+
// .effect(Effect.ALLOW)
49+
// .actions(List.of(
50+
// "ecs:ListTasks",
51+
// "ecs:DescribeTasks",
52+
// "ecs:ListServices",
53+
// "ecs:DescribeServices",
54+
// "ecs:ListClusters",
55+
// "ecs:DescribeClusters",
56+
// "ecs:ListContainerInstances",
57+
// "ecs:DescribeContainerInstances"
58+
// ))
59+
// .resources(List.of("*"))
60+
// .build());
6161

6262
infrastructureCore.getEventBridge().grantPutEventsTo(unicornStoreEksPodRole);
6363
infrastructureCore.getDatabaseSecret().grantRead(unicornStoreEksPodRole);

infrastructure/cfn/unicornstore-stack.yaml

Lines changed: 5 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -492,7 +492,7 @@ Resources:
492492
UnicornStoreIdeIdeLogGroup7A5EFA50:
493493
Type: AWS::Logs::LogGroup
494494
Properties:
495-
LogGroupName: unicornstore-ide-bootstrap-log-20250727-102705
495+
LogGroupName: unicornstore-ide-bootstrap-log-20250727-104431
496496
RetentionInDays: 7
497497
UpdateReplacePolicy: Retain
498498
DeletionPolicy: Retain
@@ -1170,7 +1170,8 @@ Resources:
11701170
/opt/aws/bin/cfn-signal -e $exit_code '${waitConditionHandleUrl}'
11711171
11721172
exit $exit_code
1173-
- instanceIamRoleArn:
1173+
- splashUrl: ""
1174+
instanceIamRoleArn:
11741175
Fn::GetAtt:
11751176
- UnicornStoreIdeIdeRole81A2CEAA
11761177
- Arn
@@ -1243,7 +1244,6 @@ Resources:
12431244
codeServerVersion: 4.101.2
12441245
instanceIamRoleName:
12451246
Ref: UnicornStoreIdeIdeRole81A2CEAA
1246-
splashUrl: ""
12471247
name: IdeBootstrapFunction
12481248
action: aws:runShellScript
12491249
DocumentFormat: YAML
@@ -1747,7 +1747,7 @@ Resources:
17471747
- Ref: AWS::AccountId
17481748
- "-"
17491749
- Ref: AWS::Region
1750-
- "-20250727102705"
1750+
- "-20250727104431"
17511751
PublicAccessBlockConfiguration:
17521752
BlockPublicAcls: true
17531753
BlockPublicPolicy: true
@@ -2107,17 +2107,6 @@ Resources:
21072107
- Action: xray:PutTraceSegments
21082108
Effect: Allow
21092109
Resource: "*"
2110-
- Action:
2111-
- ecs:ListTasks
2112-
- ecs:DescribeTasks
2113-
- ecs:ListServices
2114-
- ecs:DescribeServices
2115-
- ecs:ListClusters
2116-
- ecs:DescribeClusters
2117-
- ecs:ListContainerInstances
2118-
- ecs:DescribeContainerInstances
2119-
Effect: Allow
2120-
Resource: "*"
21212110
- Action: events:PutEvents
21222111
Effect: Allow
21232112
Resource:
@@ -2379,13 +2368,13 @@ Resources:
23792368
}
23802369
Environment:
23812370
Variables:
2371+
EKS_CLUSTER_NAME: unicorn-store
23822372
S3_THREAD_DUMPS_PREFIX: thread-dumps/
23832373
APP_LABEL: unicorn-store-spring
23842374
KUBERNETES_AUTH_TYPE: aws
23852375
K8S_NAMESPACE: unicorn-store-spring
23862376
S3_BUCKET_NAME:
23872377
Ref: InfrastructureCoreWorkshopBucketB6510E67
2388-
EKS_CLUSTER_NAME: unicorn-store
23892378
FunctionName: unicornstore-thread-dump-lambda
23902379
Handler: index.lambda_handler
23912380
MemorySize: 512

0 commit comments

Comments
 (0)