give engine permission to read and write necessary s3 buckets

This commit is contained in:
Daniel Roth 2026-03-04 16:42:14 +00:00
parent b7c963eb2c
commit 4b36215788


@ -464,4 +464,29 @@ module "engine_registry" {
source = "../modules/container_registry"
name = "engine"
stage = var.stage
}
}
# S3 policy for Engine to read and write from various S3 buckets
module "engine_s3_read_and_write" {
source = "../modules/s3_iam_policy"
policy_name = "EngineReadandWriteS3"
policy_description = "Allow Engine Lambda to read from and write to various S3 buckets"
bucket_arns = [
"arn:aws:s3:::retrofit-plan-inputs-${var.stage}",
"arn:aws:s3:::retrofit-data-${var.stage}",
"arn:aws:s3:::retrofit-sap-predictions-${var.stage}",
"arn:aws:s3:::retrofit-carbon-predictions-${var.stage}",
"arn:aws:s3:::retrofit-heat-predictions-${var.stage}",
"arn:aws:s3:::retrofit-carbon-predictions-${var.stage}",
"arn:aws:s3:::retrofit-heating-kwh-predictions-${var.stage}",
"arn:aws:s3:::retrofit-hotwater-kwh-predictions-${var.stage}",
"arn:aws:s3:::retrofit-energy-assessments-${var.stage}"
]
actions = ["s3:*"]
resource_paths = ["/*"]
}
output "engine_s3_read_and_write_arn" {
value = module.engine_s3_read_and_write.policy_arn
}
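Review bot: `actions = ["s3:*"]` grants every S3 action on the listed buckets (deletes, ACL and bucket-configuration changes included), which is far broader than the policy name `EngineReadandWriteS3` and its description claim; a least-privilege set such as `actions = ["s3:GetObject", "s3:PutObject", "s3:ListBucket"]` matches the stated intent, with `s3:DeleteObject` added only if the Engine actually deletes objects. The `bucket_arns` list also contains `"arn:aws:s3:::retrofit-carbon-predictions-${var.stage}"` twice, which looks like a copy-paste slip — either drop the duplicate or correct it to the bucket that was meant. Whether `resource_paths = ["/*"]` also covers bucket-level actions like `s3:ListBucket` (which must be granted on the bucket ARN itself, not `/*`) depends on how `../modules/s3_iam_policy` builds its resource ARNs, which is outside this hunk and worth confirming before relying on list access.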