Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

158 move analytics to proper s3 bucket #159

Merged
merged 3 commits into from
Jul 12, 2023
Merged

158 move analytics to proper s3 bucket #159

merged 3 commits into from
Jul 12, 2023

Conversation

Rakowskiii
Copy link
Contributor

Description

Moving echo analytics to shared s3 bucket

Resolves #158

How Has This Been Tested?

  • not tested yet

Due Diligence

  • Breaking change
  • Requires a documentation update
  • Requires a e2e/integration test update

@Rakowskiii Rakowskiii requested a review from HarryET as a code owner July 6, 2023 15:30
@Rakowskiii Rakowskiii linked an issue Jul 6, 2023 that may be closed by this pull request
Move analytics to proper s3 bucket #158
Closed
@Rakowskiii Rakowskiii temporarily deployed to staging July 6, 2023 15:30 — with GitHub Actions Inactive
@github-actions
Copy link
Contributor

github-actions bot commented Jul 6, 2023

Show Plan 

[command]/home/runner/work/_temp/32227c5b-8ace-47f4-9ff7-e98b3d75ddb4/terraform-bin -chdir=terraform show -no-color /tmp/plan.tfplan

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  ~ update in-place
-/+ destroy and then create replacement

Terraform will perform the following actions:

  # module.ecs.aws_ecs_service.app_service will be updated in-place
  ~ resource "aws_ecs_service" "app_service" {
        id                                 = "arn:aws:ecs:eu-central-1:898587786287:service/staging-push/staging-push-service"
        name                               = "staging-push-service"
        tags                               = {}
      ~ task_definition                    = "arn:aws:ecs:eu-central-1:898587786287:task-definition/staging-push:75" -> (known after apply)
        # (15 unchanged attributes hidden)

        # (4 unchanged blocks hidden)
    }

  # module.ecs.aws_ecs_task_definition.app_task_definition must be replaced
-/+ resource "aws_ecs_task_definition" "app_task_definition" {
      ~ arn                      = "arn:aws:ecs:eu-central-1:898587786287:task-definition/staging-push:75" -> (known after apply)
      ~ arn_without_revision     = "arn:aws:ecs:eu-central-1:898587786287:task-definition/staging-push" -> (known after apply)
      ~ container_definitions    = (sensitive value) # forces replacement
      ~ id                       = "staging-push" -> (known after apply)
      ~ revision                 = 75 -> (known after apply)
      - tags                     = {} -> null
        # (9 unchanged attributes hidden)

        # (1 unchanged block hidden)
    }

  # module.ecs.aws_iam_policy.analytics-data-lake_bucket_access must be replaced
-/+ resource "aws_iam_policy" "analytics-data-lake_bucket_access" {
      ~ arn         = "arn:aws:iam::898587786287:policy/staging-push_analytics-data-lake_bucket_access" -> (known after apply)
      ~ description = "Allows staging-push to read/write from walletconnect.push.staging.analytics.data-lake" -> "Allows staging-push to read/write from walletconnect.data-lake.staging" # forces replacement
      ~ id          = "arn:aws:iam::898587786287:policy/staging-push_analytics-data-lake_bucket_access" -> (known after apply)
        name        = "staging-push_analytics-data-lake_bucket_access"
      + name_prefix = (known after apply)
      ~ policy      = jsonencode(
          ~ {
              ~ Statement = [
                  ~ {
                      ~ Resource = [
                          - "arn:aws:s3:::walletconnect.push.staging.analytics.data-lake",
                          + "arn:aws:s3:::walletconnect.data-lake.staging",
                        ]
                        # (3 unchanged attributes hidden)
                    },
                  ~ {
                      ~ Resource = [
                          - "arn:aws:s3:::walletconnect.push.staging.analytics.data-lake/*",
                          + "arn:aws:s3:::walletconnect.data-lake.staging/*",
                        ]
                        # (3 unchanged attributes hidden)
                    },
                  ~ {
                      ~ Resource = [
                          - "arn:aws:kms:eu-central-1:898587786287:key/1b7b17ad-84bc-412f-81b6-97f0ba68885c",
                          + "arn:aws:kms:eu-central-1:898587786287:key/d1d2f047-b2a3-4f4a-8786-7c87ee83c954",
                        ]
                        # (3 unchanged attributes hidden)
                    },
                ]
                # (1 unchanged attribute hidden)
            }
        )
      ~ policy_id   = "ANPA5COABPQX5ZJNDGZPI" -> (known after apply)
      - tags        = {} -> null
        # (2 unchanged attributes hidden)
    }

  # module.ecs.aws_iam_role_policy_attachment.analytics-data-lake-bucket-policy-attach must be replaced
-/+ resource "aws_iam_role_policy_attachment" "analytics-data-lake-bucket-policy-attach" {
      ~ id         = "staging-push-ecs-task-execution-role-20230317135338509100000002" -> (known after apply)
      ~ policy_arn = "arn:aws:iam::898587786287:policy/staging-push_analytics-data-lake_bucket_access" # forces replacement -> (known after apply) # forces replacement
        # (1 unchanged attribute hidden)
    }

Plan: 3 to add, 1 to change, 3 to destroy.
::debug::Terraform exited with code 0.
::debug::stdout: %0ATerraform used the selected providers to generate the following execution%0Aplan. Resource actions are indicated with the following symbols:%0A  ~ update in-place%0A-/+ destroy and then create replacement%0A%0ATerraform will perform the following actions:%0A%0A  # module.ecs.aws_ecs_service.app_service will be updated in-place%0A  ~ resource "aws_ecs_service" "app_service" {%0A        id                                 = "arn:aws:ecs:eu-central-1:898587786287:service/staging-push/staging-push-service"%0A        name                               = "staging-push-service"%0A        tags                               = {}%0A      ~ task_definition                    = "arn:aws:ecs:eu-central-1:898587786287:task-definition/staging-push:75" -> (known after apply)%0A        # (15 unchanged attributes hidden)%0A%0A        # (4 unchanged blocks hidden)%0A    }%0A%0A  # module.ecs.aws_ecs_task_definition.app_task_definition must be replaced%0A-/+ resource "aws_ecs_task_definition" "app_task_definition" {%0A      ~ arn                      = "arn:aws:ecs:eu-central-1:898587786287:task-definition/staging-push:75" -> (known after apply)%0A      ~ arn_without_revision     = "arn:aws:ecs:eu-central-1:898587786287:task-definition/staging-push" -> (known after apply)%0A      ~ container_definitions    = (sensitive value) # forces replacement%0A      ~ id                       = "staging-push" -> (known after apply)%0A      ~ revision                 = 75 -> (known after apply)%0A      - tags                     = {} -> null%0A        # (9 unchanged attributes hidden)%0A%0A        # (1 unchanged block hidden)%0A    }%0A%0A  # module.ecs.aws_iam_policy.analytics-data-lake_bucket_access must be replaced%0A-/+ resource "aws_iam_policy" "analytics-data-lake_bucket_access" {%0A      ~ arn         = "arn:aws:iam::898587786287:policy/staging-push_analytics-data-lake_bucket_access" -> (known after apply)%0A      ~ description = "Allows staging-push to read/write from walletconnect.push.staging.analytics.data-lake" -> "Allows staging-push to read/write from walletconnect.data-lake.staging" # forces replacement%0A      ~ id          = "arn:aws:iam::898587786287:policy/staging-push_analytics-data-lake_bucket_access" -> (known after apply)%0A        name        = "staging-push_analytics-data-lake_bucket_access"%0A      + name_prefix = (known after apply)%0A      ~ policy      = jsonencode(%0A          ~ {%0A              ~ Statement = [%0A                  ~ {%0A                      ~ Resource = [%0A                          - "arn:aws:s3:::walletconnect.push.staging.analytics.data-lake",%0A                          + "arn:aws:s3:::walletconnect.data-lake.staging",%0A                        ]%0A                        # (3 unchanged attributes hidden)%0A                    },%0A                  ~ {%0A                      ~ Resource = [%0A                          - "arn:aws:s3:::walletconnect.push.staging.analytics.data-lake/*",%0A                          + "arn:aws:s3:::walletconnect.data-lake.staging/*",%0A                        ]%0A                        # (3 unchanged attributes hidden)%0A                    },%0A                  ~ {%0A                      ~ Resource = [%0A                          - "arn:aws:kms:eu-central-1:898587786287:key/1b7b17ad-84bc-412f-81b6-97f0ba68885c",%0A                          + "arn:aws:kms:eu-central-1:898587786287:key/d1d2f047-b2a3-4f4a-8786-7c87ee83c954",%0A                        ]%0A                        # (3 unchanged attributes hidden)%0A                    },%0A                ]%0A                # (1 unchanged attribute hidden)%0A            }%0A        )%0A      ~ policy_id   = "ANPA5COABPQX5ZJNDGZPI" -> (known after apply)%0A      - tags        = {} -> null%0A        # (2 unchanged attributes hidden)%0A    }%0A%0A  # module.ecs.aws_iam_role_policy_attachment.analytics-data-lake-bucket-policy-attach must be replaced%0A-/+ resource "aws_iam_role_policy_attachment" "analytics-data-lake-bucket-policy-attach" {%0A      ~ id         = "staging-push-ecs-task-execution-role-20230317135338509100000002" -> (known after apply)%0A      ~ policy_arn = "arn:aws:iam::898587786287:policy/staging-push_analytics-data-lake_bucket_access" # forces replacement -> (known after apply) # forces replacement%0A        # (1 unchanged attribute hidden)%0A    }%0A%0APlan: 3 to add, 1 to change, 3 to destroy.%0A
::debug::stderr: 
::debug::exitcode: 0

Action: pull_request

@Rakowskiii Rakowskiii temporarily deployed to staging July 6, 2023 15:32 — with GitHub Actions Inactive
@github-actions
Copy link
Contributor

github-actions bot commented Jul 6, 2023

Show Plan 

[command]/home/runner/work/_temp/9cfff747-cc8c-46ae-88df-ca6837307f45/terraform-bin -chdir=terraform show -no-color /tmp/plan.tfplan

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  ~ update in-place
-/+ destroy and then create replacement

Terraform will perform the following actions:

  # module.ecs.aws_ecs_service.app_service will be updated in-place
  ~ resource "aws_ecs_service" "app_service" {
        id                                 = "arn:aws:ecs:eu-central-1:898587786287:service/staging-push/staging-push-service"
        name                               = "staging-push-service"
        tags                               = {}
      ~ task_definition                    = "arn:aws:ecs:eu-central-1:898587786287:task-definition/staging-push:75" -> (known after apply)
        # (15 unchanged attributes hidden)

        # (4 unchanged blocks hidden)
    }

  # module.ecs.aws_ecs_task_definition.app_task_definition must be replaced
-/+ resource "aws_ecs_task_definition" "app_task_definition" {
      ~ arn                      = "arn:aws:ecs:eu-central-1:898587786287:task-definition/staging-push:75" -> (known after apply)
      ~ arn_without_revision     = "arn:aws:ecs:eu-central-1:898587786287:task-definition/staging-push" -> (known after apply)
      ~ container_definitions    = (sensitive value) # forces replacement
      ~ id                       = "staging-push" -> (known after apply)
      ~ revision                 = 75 -> (known after apply)
      - tags                     = {} -> null
        # (9 unchanged attributes hidden)

        # (1 unchanged block hidden)
    }

  # module.ecs.aws_iam_policy.analytics-data-lake_bucket_access must be replaced
-/+ resource "aws_iam_policy" "analytics-data-lake_bucket_access" {
      ~ arn         = "arn:aws:iam::898587786287:policy/staging-push_analytics-data-lake_bucket_access" -> (known after apply)
      ~ description = "Allows staging-push to read/write from walletconnect.push.staging.analytics.data-lake" -> "Allows staging-push to read/write from walletconnect.data-lake.staging" # forces replacement
      ~ id          = "arn:aws:iam::898587786287:policy/staging-push_analytics-data-lake_bucket_access" -> (known after apply)
        name        = "staging-push_analytics-data-lake_bucket_access"
      + name_prefix = (known after apply)
      ~ policy      = jsonencode(
          ~ {
              ~ Statement = [
                  ~ {
                      ~ Resource = [
                          - "arn:aws:s3:::walletconnect.push.staging.analytics.data-lake",
                          + "arn:aws:s3:::walletconnect.data-lake.staging",
                        ]
                        # (3 unchanged attributes hidden)
                    },
                  ~ {
                      ~ Resource = [
                          - "arn:aws:s3:::walletconnect.push.staging.analytics.data-lake/*",
                          + "arn:aws:s3:::walletconnect.data-lake.staging/*",
                        ]
                        # (3 unchanged attributes hidden)
                    },
                  ~ {
                      ~ Resource = [
                          - "arn:aws:kms:eu-central-1:898587786287:key/1b7b17ad-84bc-412f-81b6-97f0ba68885c",
                          + "arn:aws:kms:eu-central-1:898587786287:key/d1d2f047-b2a3-4f4a-8786-7c87ee83c954",
                        ]
                        # (3 unchanged attributes hidden)
                    },
                ]
                # (1 unchanged attribute hidden)
            }
        )
      ~ policy_id   = "ANPA5COABPQX5ZJNDGZPI" -> (known after apply)
      - tags        = {} -> null
        # (2 unchanged attributes hidden)
    }

  # module.ecs.aws_iam_role_policy_attachment.analytics-data-lake-bucket-policy-attach must be replaced
-/+ resource "aws_iam_role_policy_attachment" "analytics-data-lake-bucket-policy-attach" {
      ~ id         = "staging-push-ecs-task-execution-role-20230317135338509100000002" -> (known after apply)
      ~ policy_arn = "arn:aws:iam::898587786287:policy/staging-push_analytics-data-lake_bucket_access" # forces replacement -> (known after apply) # forces replacement
        # (1 unchanged attribute hidden)
    }

Plan: 3 to add, 1 to change, 3 to destroy.
::debug::Terraform exited with code 0.
::debug::stdout: %0ATerraform used the selected providers to generate the following execution%0Aplan. Resource actions are indicated with the following symbols:%0A  ~ update in-place%0A-/+ destroy and then create replacement%0A%0ATerraform will perform the following actions:%0A%0A  # module.ecs.aws_ecs_service.app_service will be updated in-place%0A  ~ resource "aws_ecs_service" "app_service" {%0A        id                                 = "arn:aws:ecs:eu-central-1:898587786287:service/staging-push/staging-push-service"%0A        name                               = "staging-push-service"%0A        tags                               = {}%0A      ~ task_definition                    = "arn:aws:ecs:eu-central-1:898587786287:task-definition/staging-push:75" -> (known after apply)%0A        # (15 unchanged attributes hidden)%0A%0A        # (4 unchanged blocks hidden)%0A    }%0A%0A  # module.ecs.aws_ecs_task_definition.app_task_definition must be replaced%0A-/+ resource "aws_ecs_task_definition" "app_task_definition" {%0A      ~ arn                      = "arn:aws:ecs:eu-central-1:898587786287:task-definition/staging-push:75" -> (known after apply)%0A      ~ arn_without_revision     = "arn:aws:ecs:eu-central-1:898587786287:task-definition/staging-push" -> (known after apply)%0A      ~ container_definitions    = (sensitive value) # forces replacement%0A      ~ id                       = "staging-push" -> (known after apply)%0A      ~ revision                 = 75 -> (known after apply)%0A      - tags                     = {} -> null%0A        # (9 unchanged attributes hidden)%0A%0A        # (1 unchanged block hidden)%0A    }%0A%0A  # module.ecs.aws_iam_policy.analytics-data-lake_bucket_access must be replaced%0A-/+ resource "aws_iam_policy" "analytics-data-lake_bucket_access" {%0A      ~ arn         = "arn:aws:iam::898587786287:policy/staging-push_analytics-data-lake_bucket_access" -> (known after apply)%0A      ~ description = "Allows staging-push to read/write from walletconnect.push.staging.analytics.data-lake" -> "Allows staging-push to read/write from walletconnect.data-lake.staging" # forces replacement%0A      ~ id          = "arn:aws:iam::898587786287:policy/staging-push_analytics-data-lake_bucket_access" -> (known after apply)%0A        name        = "staging-push_analytics-data-lake_bucket_access"%0A      + name_prefix = (known after apply)%0A      ~ policy      = jsonencode(%0A          ~ {%0A              ~ Statement = [%0A                  ~ {%0A                      ~ Resource = [%0A                          - "arn:aws:s3:::walletconnect.push.staging.analytics.data-lake",%0A                          + "arn:aws:s3:::walletconnect.data-lake.staging",%0A                        ]%0A                        # (3 unchanged attributes hidden)%0A                    },%0A                  ~ {%0A                      ~ Resource = [%0A                          - "arn:aws:s3:::walletconnect.push.staging.analytics.data-lake/*",%0A                          + "arn:aws:s3:::walletconnect.data-lake.staging/*",%0A                        ]%0A                        # (3 unchanged attributes hidden)%0A                    },%0A                  ~ {%0A                      ~ Resource = [%0A                          - "arn:aws:kms:eu-central-1:898587786287:key/1b7b17ad-84bc-412f-81b6-97f0ba68885c",%0A                          + "arn:aws:kms:eu-central-1:898587786287:key/d1d2f047-b2a3-4f4a-8786-7c87ee83c954",%0A                        ]%0A                        # (3 unchanged attributes hidden)%0A                    },%0A                ]%0A                # (1 unchanged attribute hidden)%0A            }%0A        )%0A      ~ policy_id   = "ANPA5COABPQX5ZJNDGZPI" -> (known after apply)%0A      - tags        = {} -> null%0A        # (2 unchanged attributes hidden)%0A    }%0A%0A  # module.ecs.aws_iam_role_policy_attachment.analytics-data-lake-bucket-policy-attach must be replaced%0A-/+ resource "aws_iam_role_policy_attachment" "analytics-data-lake-bucket-policy-attach" {%0A      ~ id         = "staging-push-ecs-task-execution-role-20230317135338509100000002" -> (known after apply)%0A      ~ policy_arn = "arn:aws:iam::898587786287:policy/staging-push_analytics-data-lake_bucket_access" # forces replacement -> (known after apply) # forces replacement%0A        # (1 unchanged attribute hidden)%0A    }%0A%0APlan: 3 to add, 1 to change, 3 to destroy.%0A
::debug::stderr: 
::debug::exitcode: 0

Action: pull_request

HarryET
HarryET approved these changes Jul 12, 2023
View reviewed changes
Copy link
Contributor

@HarryET HarryET left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Going to merge and deploy to staging to test

@HarryET HarryET merged commit 88416fb into main Jul 12, 2023
7 checks passed
@geekbrother geekbrother mentioned this pull request Sep 19, 2023
Merged
3 tasks
@chris13524 chris13524 deleted the 158-move-analytics-to-proper-s3-bucket branch October 23, 2023 14:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@arein arein arein approved these changes

@HarryET HarryET HarryET approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Move analytics to proper s3 bucket
3 participants
@Rakowskiii @arein @HarryET