From 9c7e63efae2a9fb5cfca43122b51a5434ac4eff8 Mon Sep 17 00:00:00 2001
From: Alis Akers <alismxwll@gmail.com>
Date: Wed, 11 Dec 2024 15:10:17 -0800
Subject: [PATCH] update to v1.7.6

---
 terraform/implementation/ecs/README.md    | 6 +++---
 terraform/implementation/ecs/_variable.tf | 2 +-
 terraform/implementation/ecs/main.tf      | 2 +-
 terraform/modules/oidc/_data.tf           | 1 +
 4 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/terraform/implementation/ecs/README.md b/terraform/implementation/ecs/README.md
index bdb13b1..55ece90 100644
--- a/terraform/implementation/ecs/README.md
+++ b/terraform/implementation/ecs/README.md
@@ -16,7 +16,7 @@
 
 | Name | Source | Version |
 |------|--------|---------|
-| <a name="module_ecs"></a> [ecs](#module\_ecs) | CDCgov/dibbs-ecr-viewer/aws | 0.2.1 |
+| <a name="module_ecs"></a> [ecs](#module\_ecs) | CDCgov/dibbs-ecr-viewer/aws | 0.3.0 |
 | <a name="module_vpc"></a> [vpc](#module\_vpc) | terraform-aws-modules/vpc/aws | 5.16.0 |
 
 ## Resources
@@ -30,9 +30,9 @@
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
 | <a name="input_availability_zones"></a> [availability\_zones](#input\_availability\_zones) | The availability zones to use | `list(string)` | <pre>[<br>  "us-east-1a",<br>  "us-east-1b",<br>  "us-east-1c"<br>]</pre> | no |
-| <a name="input_internal"></a> [internal](#input\_internal) | Flag to determine if the several AWS resources are public (intended for external access, public internet) or private (only intended to be accessed within your AWS VPC or avaiable with other means, a transit gateway for example). | `bool` | `false` | no |
+| <a name="input_internal"></a> [internal](#input\_internal) | Flag to determine if the several AWS resources are public (intended for external access, public internet) or private (only intended to be accessed within your AWS VPC or avaiable with other means, a transit gateway for example). | `bool` | `true` | no |
 | <a name="input_owner"></a> [owner](#input\_owner) | The owner of the infrastructure | `string` | `"skylight"` | no |
-| <a name="input_phdi_version"></a> [phdi\_version](#input\_phdi\_version) | PHDI container image version | `string` | `"v1.6.9"` | no |
+| <a name="input_phdi_version"></a> [phdi\_version](#input\_phdi\_version) | PHDI container image version | `string` | `"v1.7.6"` | no |
 | <a name="input_private_subnets"></a> [private\_subnets](#input\_private\_subnets) | The private subnets | `list(string)` | <pre>[<br>  "176.24.1.0/24",<br>  "176.24.3.0/24"<br>]</pre> | no |
 | <a name="input_project"></a> [project](#input\_project) | The project name | `string` | `"dibbs"` | no |
 | <a name="input_public_subnets"></a> [public\_subnets](#input\_public\_subnets) | The public subnets | `list(string)` | <pre>[<br>  "176.24.2.0/24",<br>  "176.24.4.0/24"<br>]</pre> | no |
diff --git a/terraform/implementation/ecs/_variable.tf b/terraform/implementation/ecs/_variable.tf
index db4349d..e7b1544 100644
--- a/terraform/implementation/ecs/_variable.tf
+++ b/terraform/implementation/ecs/_variable.tf
@@ -20,7 +20,7 @@ variable "owner" {
 variable "phdi_version" {
   description = "PHDI container image version"
   type        = string
-  default     = "v1.7.3"
+  default     = "v1.7.6"
 }
 
 variable "private_subnets" {
diff --git a/terraform/implementation/ecs/main.tf b/terraform/implementation/ecs/main.tf
index 900799e..f1308b4 100644
--- a/terraform/implementation/ecs/main.tf
+++ b/terraform/implementation/ecs/main.tf
@@ -22,7 +22,7 @@ module "vpc" {
 
 module "ecs" {
   source  = "CDCgov/dibbs-ecr-viewer/aws"
-  version = "0.2.1"
+  version = "0.3.0"
   # source = "../../../../terraform-aws-dibbs-ecr-viewer"
 
   public_subnet_ids  = flatten(module.vpc.public_subnets)
diff --git a/terraform/modules/oidc/_data.tf b/terraform/modules/oidc/_data.tf
index 9d6b3b1..896be68 100644
--- a/terraform/modules/oidc/_data.tf
+++ b/terraform/modules/oidc/_data.tf
@@ -252,6 +252,7 @@ data "aws_iam_policy_document" "resource_tags_update_actions" {
       "elasticloadbalancing:ModifyLoadBalancerAttributes",
       "elasticloadbalancing:ModifyTargetGroupAttributes",
       "elasticloadbalancing:RemoveTags",
+      "elasticloadbalancing:ModifyRule",
       "ecs:RegisterTaskDefinition",
       "ecs:UpdateService",
       "ecs:TagResource",