aequitosh/flutter-vienna-hackathon-25
1
0
Fork 0
mirror of https://github.com/timokz/flutter-vienna-hackathon-25.git synced 2025-11-09 03:34:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
flutter-vienna-hackathon-25/wien_talks_server/deploy/aws/terraform/code-deploy.tf
tk 6f196001bc flatten repo
2025-08-17 11:57:58 +02:00

98 lines
2.2 KiB
HCL
Raw Blame History

# Code deploy setup
resource "aws_iam_instance_profile" "codedeploy_profile" {
name = "${var.project_name}-codedeploy-profile"
role = aws_iam_role.codedeploy_role.name
}
resource "aws_iam_role" "codedeploy_role" {
name = "${var.project_name}-codedeploy-role"
assume_role_policy = <<EOF
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "CodeDeploy",
"Effect": "Allow",
"Principal": {
"Service": [
"codedeploy.amazonaws.com",
"ec2.amazonaws.com"
]
},
"Action": "sts:AssumeRole"
}
]
}
EOF
}
resource "aws_iam_role_policy_attachment" "AWSCodeDeployRole" {
policy_arn = "arn:aws:iam::aws:policy/service-role/AWSCodeDeployRole"
role = aws_iam_role.codedeploy_role.name
}
resource "aws_iam_policy" "s3_deployment" {
name = "${var.project_name}-codedeploy-role"
description = "Code deploy policy"
policy = <<EOF
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"s3:Get*",
"s3:List*"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::${var.deployment_bucket_name}/*"
}
]
}
EOF
}
resource "aws_iam_role_policy_attachment" "S3Role" {
policy_arn = aws_iam_policy.s3_deployment.arn
role = aws_iam_role.codedeploy_role.name
}
resource "aws_codedeploy_app" "serverpod" {
name = "${var.project_name}-app"
}
resource "aws_sns_topic" "serverpod" {
name = "${var.project_name}-topic"
}
resource "aws_codedeploy_deployment_group" "serverpod" {
app_name = aws_codedeploy_app.serverpod.name
deployment_group_name = "${var.project_name}-production-group"
service_role_arn = aws_iam_role.codedeploy_role.arn
autoscaling_groups = [aws_autoscaling_group.serverpod.id]
}
# S3 buckets
resource "aws_s3_bucket" "deployment" {
bucket = var.deployment_bucket_name
force_destroy = true
tags = {
Name = "${var.project_name} deployment"
}
}
resource "aws_s3_bucket_acl" "deployment" {
bucket = aws_s3_bucket.deployment.id
acl = "private"
}
resource "aws_s3_bucket_ownership_controls" "deployment" {
bucket = aws_s3_bucket.deployment.id
rule {
object_ownership = "ObjectWriter"
}
}
Reference in a new issue View git blame Copy permalink