Skip to content

Commit

Permalink
Added SQS support to ArmoniK
Browse files Browse the repository at this point in the history
  • Loading branch information
@AncientPatata
AncientPatata committed Jan 9, 2025
1 parent bea6835 commit e9d1240
Show file tree
Hide file tree
Showing 2 changed files with 24 additions and 2 deletions.
8 changes: 6 additions & 2 deletions infrastructure/quick-deploy/aws/armonik.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,7 @@ module "armonik" {
pod_configuration = null
}
}, v, {
service_account_name = "armonikserviceaccount"
polling_agent = merge(v.polling_agent, {
image = local.ecr_images["${v.polling_agent.image}:${try(coalesce(v.polling_agent.tag), "")}"].name
tag = local.ecr_images["${v.polling_agent.image}:${try(coalesce(v.polling_agent.tag), "")}"].tag
Expand All @@ -36,8 +37,9 @@ module "armonik" {
})]
}) }
control_plane = merge(var.control_plane, {
image = local.ecr_images["${var.control_plane.image}:${try(coalesce(var.control_plane.tag), "")}"].name
tag = local.ecr_images["${var.control_plane.image}:${try(coalesce(var.control_plane.tag), "")}"].tag
image = local.ecr_images["${var.control_plane.image}:${try(coalesce(var.control_plane.tag), "")}"].name
tag = local.ecr_images["${var.control_plane.image}:${try(coalesce(var.control_plane.tag), "")}"].tag
service_account_name = "armonikserviceaccount"
})
admin_gui = merge(var.admin_gui, {
image = local.ecr_images["${var.admin_gui.image}:${try(coalesce(var.admin_gui.tag), "")}"].name
Expand Down Expand Up @@ -76,4 +78,6 @@ module "armonik" {
image = local.ecr_images["${var.pod_deletion_cost.image}:${try(coalesce(var.pod_deletion_cost.tag), "")}"].image
tag = local.ecr_images["${var.pod_deletion_cost.image}:${try(coalesce(var.pod_deletion_cost.tag), "")}"].tag
})

depends_on = [module.aws_service_account]
}
18 changes: 18 additions & 0 deletions infrastructure/quick-deploy/aws/storage.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@ module "s3_fs" {
sse_algorithm = can(coalesce(var.kms_key)) ? var.s3_fs.sse_algorithm : "aws:kms"
ownership = var.s3_fs.ownership
versioning = var.s3_fs.versioning
role_name = module.aws_service_account.service_account_iam_role_name
}

# Shared storage
Expand Down Expand Up @@ -143,6 +144,15 @@ module "mq" {
kms_key_id = local.kms_key
}

module "aws_service_account" {
namespace = local.namespace
source = "./generated/infra-modules/service-account/aws"
prefix = local.prefix
name = "armonikserviceaccount"
oidc_provider_arn = module.eks.aws_eks_module.oidc_provider_arn
oidc_issuer_url = module.eks.aws_eks_module.cluster_oidc_issuer_url
}

# MongoDB
module "mongodb" {
count = can(coalesce(var.mongodb_sharding)) ? 0 : 1
Expand Down Expand Up @@ -277,6 +287,14 @@ module "mongodb_efs_persistent_volume" {
tags = local.tags
}


resource "aws_iam_policy_attachment" "armonik_decrypt_object" {
name = "storage-s3-encrypt-decrypt-armonik"
roles = [module.aws_service_account.service_account_iam_role_name]
policy_arn = aws_iam_policy.decrypt_object.arn
}


# Decrypt objects in S3
data "aws_iam_policy_document" "decrypt_object" {
statement {
Expand Down

0 comments on commit e9d1240

Please sign in to comment.