Skip to content

Commit

Permalink
[IT-3230] Role for agora-data-manager repo (#1060)
Browse files Browse the repository at this point in the history
Setup GH action on agora-data-manager to allow access to update the
document database.
  • Loading branch information
zaro0508 authored Jan 3, 2024
1 parent 98dc56a commit a6406aa
Showing 1 changed file with 22 additions and 0 deletions.
22 changes: 22 additions & 0 deletions org-formation/650-identity-providers/_tasks.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -797,3 +797,25 @@ GithubOidcAgoraEBDeploy:
- !Ref AgoraDevAccount
- !Ref AgoraProdAccount
Region: us-east-1

GithubOidcAgoraDataManagerDeploy:
Type: update-stacks
DependsOn: GithubOidcSageBionetworks
Template: https://raw.githubusercontent.com/Sage-Bionetworks/aws-infra/v0.7.6/templates/IAM/github-oidc-provider.j2
StackName: !Sub ${resourcePrefix}-${appName}-agora-data-manager-deploy
Parameters:
ProviderArn: !CopyValue [ !Sub '${resourcePrefix}-${appName}-ProviderArn' ]
ProviderRoleName: !Sub ${resourcePrefix}-${appName}-agora-data-manager-deploy
MaxSessionDuration: 900
ManagedPolicyArns:
- "arn:aws:iam::aws:policy/AmazonDocDBFullAccess"
TemplatingContext:
GitHubOrg: "Sage-Bionetworks"
Repositories:
- name: "Agora"
branches: ["develop", "prod", "staging"]
DefaultOrganizationBinding:
Account:
- !Ref AgoraDevAccount
- !Ref AgoraProdAccount
Region: us-east-1

0 comments on commit a6406aa

Please sign in to comment.