From 40b89f402c02bf6fe93975195056da34d5fd272a Mon Sep 17 00:00:00 2001
From: Nuwan Rajika Kumarasiri <nuwan.kumarasiri@wisc.edu>
Date: Mon, 16 Mar 2020 13:46:23 -0500
Subject: [PATCH] Update to use an Amazon Linux 2 image - WISCALERTS-2

* In order to increase disk space allocated for Docker container utilize Amazon Linux 2. By default Amazon Linux 2 uses `overlay2` storage driver, which gives the base storage size of the space left on the disk.
* Removed SSM agent as it's shipped with all Amazon Linux 2 AMIs.
* Utilized `SSM` param store for storing `IICS` user credentials.
* Increased `EBS` volume size to allocate more disk space.
---
 terraform/ecs.tf | 17 ++++++++++-------
 1 file changed, 10 insertions(+), 7 deletions(-)

diff --git a/terraform/ecs.tf b/terraform/ecs.tf
index 566d3bb..aab9b33 100644
--- a/terraform/ecs.tf
+++ b/terraform/ecs.tf
@@ -1,6 +1,9 @@
-locals {
-  informatica_username = format("arn:aws:ssm:%s:%s:parameter%s", var.aws_region, var.aws_account_id[0], "/iics/cicd_username")
-  informatica_password = format("arn:aws:ssm:%s:%s:parameter%s", var.aws_region, var.aws_account_id[0], "/iics/cicd_password")
+data "aws_ssm_parameter" "informatica-username" {
+  name = "/iics/cicd_username"
+}
+
+data "aws_ssm_parameter" "informatica-password" {
+  name = "/iics/cicd_password"
 }
 
 data "template_file" "container" {
@@ -13,8 +16,8 @@ data "template_file" "container" {
     app_port1               = var.container_app_port[0]
     app_port2               = var.container_app_port[1]
     app_port3               = var.container_app_port[2]
-    informatica_username    = local.informatica_username
-    informatica_password    = local.informatica_password
+    informatica_username    = data.aws_ssm_parameter.informatica-username.arn
+    informatica_password    = data.aws_ssm_parameter.informatica-password.arn
     secure_agent_mount_path = var.secure_agent_mount_path
   }
 }
@@ -59,8 +62,8 @@ resource "aws_iam_policy" "iics-ssm-policy" {
         "ssm:GetParameters"
       ],
       "Resource": [
-          "${local.informatica_username}",
-          "${local.informatica_password}"
+          "${data.aws_ssm_parameter.informatica-username.arn}",
+          "${data.aws_ssm_parameter.informatica-password.arn}"
       ]
     }
   ]
-- 
GitLab