Skip to content

Commit 051fdf3

Browse files
mattdean3-nhsmattdean3-nhs
authored
Merge pull request #1151 from NHSDigital/feature/made14-NRL-1904-add-ci-access-to-legacy-bucket
[NRL-1904] Add permissions for legacy CI bucket for deploying old ver…
2 parents 844ebc8 + 1e54dd8 commit 051fdf3

File tree

2 files changed

+7
-1
lines changed

2 files changed

+7
-1
lines changed

terraform/account-wide-infrastructure/mgmt/data.tf

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -60,3 +60,7 @@ data "aws_secretsmanager_secret_version" "test_restore_account_id" {
6060
data "aws_secretsmanager_secret_version" "prod_account_id" {
6161
secret_id = data.aws_secretsmanager_secret.prod_account_id.name
6262
}
63+
64+
data "aws_s3_bucket" "legacy_ci_data" {
65+
bucket = "${local.project}--mgmt--github-ci-logging"
66+
}

terraform/account-wide-infrastructure/mgmt/iam_github-ci.tf

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -102,7 +102,9 @@ resource "aws_iam_policy" "github_ci_policy" {
102102
Effect = "Allow"
103103
Resource = [
104104
aws_s3_bucket.ci_data.arn,
105-
"${aws_s3_bucket.ci_data.arn}/*"
105+
"${aws_s3_bucket.ci_data.arn}/*",
106+
data.aws_s3_bucket.legacy_ci_data.arn,
107+
"${data.aws_s3_bucket.legacy_ci_data.arn}/*"
106108
]
107109
}
108110
]

0 commit comments

Comments
 (0)