Skip to content

Commit

Permalink
tweaks
Browse files Browse the repository at this point in the history
  • Loading branch information
@jack-e-tabaska
jack-e-tabaska committed May 30, 2024
1 parent 832f424 commit 95437fe
Show file tree
Hide file tree
Showing 2 changed files with 15 additions and 5 deletions.
6 changes: 3 additions & 3 deletions cloudformation/bc_core.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -763,16 +763,16 @@ Resources:
Type: AWS::Serverless::Application
Properties:
Location: bc_ecs_task_role.yaml
Parameters:
RoleName: !Sub "${AWS::StackName}-EcsTaskRole-${AWS::Region}"
# Parameters:
# RoleName: !Sub "${AWS::StackName}-EcsTaskRole-${AWS::Region}"

# todo: keep this around a while longer, because deleting it will break every workflow in the account
EcsTaskRole:
Type: AWS::IAM::Role
DeletionPolicy: Retain
Properties:
Description: !Sub |
DEPRECATED: Use !Sub ${EcsTaskRoleStack.Outputs.EcsTaskRoleArn} instead.
DEPRECATED: Use ${EcsTaskRoleStack.Outputs.EcsTaskRoleArn} instead.
AssumeRolePolicyDocument:
Version: "2012-10-17"
Statement:
Expand Down
14 changes: 12 additions & 2 deletions cloudformation/bc_ecs_task_role.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,16 +5,24 @@ Parameters:
Type: String
Default: "default"

PolicyName:
Type: String
Default: "default"

Conditions:
UseDefaultRoleName: !Or [ !Equals [!Ref RoleName, "Default"],
!Equals [!Ref RoleName, "default"] ]

UseDefaultPolicyName: !Or [ !Equals [!Ref PolicyName, "Default"],
!Equals [!Ref PolicyName, "default"] ]

Resources:
EcsTaskRole:
Type: AWS::IAM::Role
Properties:
RoleName:
!If [UseDefaultRoleName, !Sub "${AWS::StackName}-${AWS::Region}", !Ref RoleName]
!If [UseDefaultRoleName, !Ref AWS::NoValue, !Ref RoleName]
# !If [UseDefaultRoleName, !Sub "${AWS::StackName}-${AWS::Region}", !Ref RoleName]
AssumeRolePolicyDocument:
Version: "2012-10-17"
Statement:
Expand All @@ -28,7 +36,9 @@ Resources:
EcsTaskPolicy:
Type: AWS::IAM::ManagedPolicy
Properties:
ManagedPolicyName: !Sub "${EcsTaskRole}-policy"
ManagedPolicyName:
!If [UseDefaultPolicyName, !Ref AWS::NoValue, !Ref PolicyName]
# ManagedPolicyName: !Sub "${EcsTaskRole}-policy"
Roles:
- !Ref EcsTaskRole
PolicyDocument:
Expand Down

0 comments on commit 95437fe

Please sign in to comment.