Skip to content

Commit

Permalink
Add Execution ID tagging and s3 bucket policy to allow object tagging
Browse files Browse the repository at this point in the history
  • Loading branch information
@ha7315
ha7315 committed Dec 27, 2024
1 parent 04592f2 commit dcdacc8
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 2 deletions.
3 changes: 2 additions & 1 deletion modules/postgres-etl/extract/extract_s3.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,8 @@ resource "aws_s3_bucket_policy" "extract" {
"s3:GetObject",
"s3:PutObject",
"s3:DeleteObject",
"s3:ListBucket"
"s3:ListBucket",
"s3:GetObjectTagging"
],
"Resource" : [
"${aws_s3_bucket.extract.arn}",
Expand Down
2 changes: 1 addition & 1 deletion modules/postgres-etl/extract/extract_task.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ module "extract_task" {
# N.B. $DUMP_FILENAME is injected by the Step Function task
override_command = [
"sh", "-c",
"apk upgrade && rm -rf $MOUNT_POINT/$DUMP_FILENAME && pg_dump -d $DB_CONNECTION_URL -Fd -j ${var.extract_task_pgrestore_workers} --no-acl --no-owner -f $MOUNT_POINT/$DUMP_FILENAME && echo \"Database successfully dumped\" && tar -C $MOUNT_POINT -cf $MOUNT_POINT/$DUMP_FILENAME.tar $DUMP_FILENAME && echo \"Archive successfully created\" && aws s3 cp --quiet $MOUNT_POINT/$DUMP_FILENAME.tar s3://${var.s3_extract_bucket_name}-${var.environment_name}/$DUMP_FILENAME-$(date +%Y-%m-%d-%H-%M-%S)_$LOAD_ENVIRONMENT.tar && echo \"$DUMP_FILENAME successfully uploaded to S3\""
"apk upgrade && rm -rf $MOUNT_POINT/$DUMP_FILENAME && pg_dump -d $DB_CONNECTION_URL -Fd -j ${var.extract_task_pgrestore_workers} --no-acl --no-owner -f $MOUNT_POINT/$DUMP_FILENAME && echo \"Database successfully dumped\" && tar -C $MOUNT_POINT -cf $MOUNT_POINT/$DUMP_FILENAME.tar $DUMP_FILENAME && echo \"Archive successfully created\" && aws s3 cp --quiet --tagging \"ExecutionID=$EXECUTION_ID\" $MOUNT_POINT/$DUMP_FILENAME.tar s3://${var.s3_extract_bucket_name}-${var.environment_name}/$DUMP_FILENAME-$(date +%Y-%m-%d-%H-%M-%S)_$LOAD_ENVIRONMENT.tar && echo \"$DUMP_FILENAME successfully uploaded to S3\""
]
port = null
# ECS Execution role will need access to these
Expand Down

0 comments on commit dcdacc8

Please sign in to comment.