Skip to content

Commit da89c07

Browse files
npalmnpalm
authored
Add policies to create ec2 instance for scale up (#8)
1 parent cf7124c commit da89c07

3 files changed

Lines changed: 47 additions & 3 deletions

File tree

modules/runners/policies/lambda-scale-down.json

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,11 @@
1+
{
2+
"Effect": "Allow",
3+
"Action": [
4+
"ec2:DescribeInstances*",
5+
"ec2:DescribeTags",
6+
"ec2:CreateTags",
7+
"ec2:TerminateInstances"
8+
],
9+
"Resource": ["*"]
10+
},
11+
}

modules/runners/policies/lambda-scale-up.json

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,16 @@
1+
{
2+
"Effect": "Allow",
3+
"Action": [
4+
"ec2:DescribeInstances",
5+
"ec2:DescribeTags",
6+
"ec2:CreateTags",
7+
"ec2:RunInstances",
8+
],
9+
"Resource": ["*"]
10+
},
11+
{
12+
"Effect": "Allow",
13+
"Action": "iam:PassRole",
14+
"Resource": "${arn_runner_instance_role}"
15+
}
16+
}

modules/runners/scale-runners-lambda.tf

Lines changed: 20 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -59,17 +59,34 @@ resource "aws_iam_policy_attachment" "scale_runners_lambda_logging" {
5959
policy_arn = aws_iam_policy.lambda_logging.arn
6060
}
6161

62-
resource "aws_iam_policy" "scale_runners_lambda" {
62+
resource "aws_iam_policy" "scale_runners_lambda_sqs" {
6363
name = "${var.environment}-lamda-scale-runners-sqs-receive-policy"
64-
description = "Lambda webhook policy"
64+
description = "Lambda scale up sqs policy"
6565

6666
policy = templatefile("${path.module}/policies/lambda-scale-runners.json", {
6767
sqs_arn = var.sqs.arn
6868
})
6969
}
7070

71+
resource "aws_iam_policy_attachment" "scale_runners_lambda_sqs" {
72+
name = "${var.environment}-scale-up-sqs"
73+
roles = [aws_iam_role.scale_runners_lambda.name]
74+
policy_arn = aws_iam_policy.scale_runners_lambda_sqs.arn
75+
}
76+
77+
78+
resource "aws_iam_policy" "scale_runners_lambda" {
79+
name = "${var.environment}-lamda-scale-up-policy"
80+
description = "Lambda scale up policy"
81+
82+
policy = templatefile("${path.module}/policies/lambda-scale-up.json", {
83+
arn_runner_instance_role = aws_iam_role.runner.arn
84+
})
85+
}
86+
7187
resource "aws_iam_policy_attachment" "scale_runners_lambda" {
72-
name = "${var.environment}-scale-runners"
88+
name = "${var.environment}-scale-up"
7389
roles = [aws_iam_role.scale_runners_lambda.name]
7490
policy_arn = aws_iam_policy.scale_runners_lambda.arn
7591
}
92+

0 commit comments

Comments
 (0)