Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
## Summary Contributes to #1551 ### Time to review: __1 mins__ ## Changes proposed Adds a terraform `output` required to run `make infra-update-app-database-roles APP_NAME=analytics ENVIRONMENT=dev`. I forgot to copy this when I was copying the database files earlier. ## Testing I've already deployed this ``` $ make infra-update-app-database-roles APP_NAME=analytics ENVIRONMENT=dev ``` ``` ./bin/create-or-update-database-roles.sh analytics dev Initializing the backend... Successfully configured the backend "s3"! Terraform will automatically use this backend unless the backend configuration changes. Initializing modules... Initializing provider plugins... - terraform.io/builtin/terraform is built in to Terraform - Reusing previous version of hashicorp/archive from the dependency lock file - Reusing previous version of hashicorp/aws from the dependency lock file - Reusing previous version of hashicorp/random from the dependency lock file - Using previously-installed hashicorp/archive v2.4.2 - Using previously-installed hashicorp/aws v5.34.0 - Using previously-installed hashicorp/random v3.6.0 Terraform has been successfully initialized! You may now begin working with Terraform. Try running "terraform plan" to see any changes that are required for your infrastructure. All Terraform commands should now work. If you ever set or change modules or backend configuration for Terraform, rerun this command to reinitialize your working directory. If you forget, other commands will detect it and remind you to do so if necessary. ================================ Creating/updating database users ================================ Input parameters APP_NAME=analytics ENVIRONMENT=dev Invoking Lambda function: analytics-dev-role-manager luster-d6b403b4-8dfb-49ce-972a-ffa9c7b1a201-01iyPG\\",\\"name\\":\\"rds!cluster-d6b403b4-8dfb-49ce-972a-ffa9c7b1a201\\",\\"versionId\\":\\"fd6ef44a-33f9-4e27-b56a-e0d2fc7e1a0d\\",\\"secretString\\":\\"{\\\\\\"username\\\\\\":\\\\\\"root2f4d7a7184e3e6d4d01a5a345395a5ea\\\\\\",\\\\\\"password\\\\\\":\\\\\\"VyztTW0{XeWNk$)3OrL5aGn.!)44\\\\\\"}\\",\\"versionStages\\":[\\"AWSCURRENT\\",\\"AWSPENDING\\"],\\"createdDate\\":\\"Apr 1, 2024, 2:15:26 AM\\"}","Type":"SecureString","Value":"{\\"username\\":\\"root2f4d7a7184e3e6d4d01a5a345395a5ea\\",\\"password\\":\\"VyztTW0{XeWNk$)3OrL5aGn.!)44\\"}","Version":0}}' [DEBUG] 2024-04-02T18:47:41.075Z d70a672d-0444-4cc4-8e87-2d2d72c88fda Event needs-retry.ssm.GetParameter: calling handler <botocore.retryhandler.RetryHandler object at 0x7fc0026206d0> [DEBUG] 2024-04-02T18:47:41.076Z d70a672d-0444-4cc4-8e87-2d2d72c88fda No retry needed. [INFO] 2024-04-02T18:47:41.077Z d70a672d-0444-4cc4-8e87-2d2d72c88fda Connecting to database: user=root2f4d7a7184e3e6d4d01a5a345395a5ea host=analytics-dev.cluster-crj70bc9j3t7.us-east-1.rds.amazonaws.com port=5432 database=app [INFO] 2024-04-02T18:47:42.209Z d70a672d-0444-4cc4-8e87-2d2d72c88fda Current database configuration [INFO] 2024-04-02T18:47:42.326Z d70a672d-0444-4cc4-8e87-2d2d72c88fda Roles [INFO] 2024-04-02T18:47:42.326Z d70a672d-0444-4cc4-8e87-2d2d72c88fda Role info: name=root2f4d7a7184e3e6d4d01a5a345395a5ea [INFO] 2024-04-02T18:47:42.328Z d70a672d-0444-4cc4-8e87-2d2d72c88fda Schema privileges [INFO] 2024-04-02T18:47:42.329Z d70a672d-0444-4cc4-8e87-2d2d72c88fda Schema info: name=public acl={pg_database_owner=UC/pg_database_owner,=U/pg_database_owner} [INFO] 2024-04-02T18:47:42.329Z d70a672d-0444-4cc4-8e87-2d2d72c88fda Configuring database [INFO] 2024-04-02T18:47:42.329Z d70a672d-0444-4cc4-8e87-2d2d72c88fda Configuring database [INFO] 2024-04-02T18:47:42.329Z d70a672d-0444-4cc4-8e87-2d2d72c88fda Revoking default access on public schema [INFO] 2024-04-02T18:47:42.419Z d70a672d-0444-4cc4-8e87-2d2d72c88fda Revoking database access from public role [INFO] 2024-04-02T18:47:42.424Z d70a672d-0444-4cc4-8e87-2d2d72c88fda Setting default search path to schema=analytics [INFO] 2024-04-02T18:47:42.433Z d70a672d-0444-4cc4-8e87-2d2d72c88fda Configuring roles [INFO] 2024-04-02T18:47:42.434Z d70a672d-0444-4cc4-8e87-2d2d72c88fda Configuring role: username=migrator [INFO] 2024-04-02T18:47:42.543Z d70a672d-0444-4cc4-8e87-2d2d72c88fda Configuring role: username=app [INFO] 2024-04-02T18:47:42.617Z d70a672d-0444-4cc4-8e87-2d2d72c88fda Configuring schema [INFO] 2024-04-02T18:47:42.617Z d70a672d-0444-4cc4-8e87-2d2d72c88fda Creating schema: schema_name=analytics [INFO] 2024-04-02T18:47:42.622Z d70a672d-0444-4cc4-8e87-2d2d72c88fda Changing schema owner: schema_name=analytics owner=migrator [INFO] 2024-04-02T18:47:42.627Z d70a672d-0444-4cc4-8e87-2d2d72c88fda Granting schema usage privileges: schema_name=analytics role=app [INFO] 2024-04-02T18:47:42.633Z d70a672d-0444-4cc4-8e87-2d2d72c88fda New database configuration [INFO] 2024-04-02T18:47:42.635Z d70a672d-0444-4cc4-8e87-2d2d72c88fda Roles [INFO] 2024-04-02T18:47:42.635Z d70a672d-0444-4cc4-8e87-2d2d72c88fda Role info: name=root2f4d7a7184e3e6d4d01a5a345395a5ea [INFO] 2024-04-02T18:47:42.635Z d70a672d-0444-4cc4-8e87-2d2d72c88fda Role info: name=migrator [INFO] 2024-04-02T18:47:42.635Z d70a672d-0444-4cc4-8e87-2d2d72c88fda Role info: name=app [INFO] 2024-04-02T18:47:42.637Z d70a672d-0444-4cc4-8e87-2d2d72c88fda Schema privileges [INFO] 2024-04-02T18:47:42.637Z d70a672d-0444-4cc4-8e87-2d2d72c88fda Schema info: name=public acl={pg_database_owner=UC/pg_database_owner,=U/pg_database_owner} [INFO] 2024-04-02T18:47:42.637Z d70a672d-0444-4cc4-8e87-2d2d72c88fda Schema info: name=analytics acl={migrator=UC/migrator,app=U/migrator} END RequestId: d70a672d-0444-4cc4-8e87-2d2d72c88fda REPORT RequestId: d70a672d-0444-4cc4-8e87-2d2d72c88fda Duration: 4166.64 ms Billed Duration: 4167 ms Memory Size: 128 MB Max Memory Used: 84 MB Init Duration: 490.40 ms XRAY TraceId: 1-660c52c9-5d6d7abb022c85b27f464810 SegmentId: 62a4fb7f601a664d Sampled: true Lambda function response: {"roles": ["root2f4d7a7184e3e6d4d01a5a345395a5ea", "migrator", "app"], "roles_with_groups": {"rds_superuser": "rds_password", "pg_monitor": "pg_read_all_settings,pg_read_all_stats,pg_stat_scan_tables", "root2f4d7a7184e3e6d4d01a5a345395a5ea": "rds_superuser", "app": "rds_iam", "migrator": "rds_iam"}, "schema_privileges": {"public": "{pg_database_owner=UC/pg_database_owner,=U/pg_database_owner}", "analytics": "{migrator=UC/migrator,app=U/migrator}"}}% ```
- Loading branch information
1 parent
af03ff5
commit c3e9c1d