From 94a97ca870ee97b2660bb5d95a56bf4b1d632845 Mon Sep 17 00:00:00 2001
From: andrewpeng02
Date: Wed, 15 May 2024 09:39:39 -0500
Subject: [PATCH] on push
---
 .github/workflows/push-django-ecs.yml | 6 +++---
 .github/workflows/push-training-ecs.yml | 4 ++--
 dlp-terraform/ecs/ecs.tf | 4 +++-
 3 files changed, 8 insertions(+), 6 deletions(-)
diff --git a/.github/workflows/push-django-ecs.yml b/.github/workflows/push-django-ecs.yml
index 34e6bad8..59d2784d 100644
--- a/.github/workflows/push-django-ecs.yml
+++ b/.github/workflows/push-django-ecs.yml
@@ -62,7 +62,7 @@ jobs:
 - name: Login to Amazon ECR
 id: login-ecr
- uses: aws-actions/amazon-ecr-login@v1
+ uses: aws-actions/amazon-ecr-login@v2
 - name: Build, tag, and push image to Amazon ECR
 id: build-image
@@ -80,7 +80,7 @@ jobs:
 - name: Download task definition
 run: |
 aws ecs describe-task-definition --task-definition django --query taskDefinition > temp-task-definition.json
-
+
 - name: Fill in the new image ID in the Amazon ECS task definition
 id: task-def
 uses: aws-actions/amazon-ecs-render-task-definition@v1
@@ -90,7 +90,7 @@ jobs:
 image: ${{ steps.build-image.outputs.image }}
 - name: Deploy Amazon ECS task definition
- uses: aws-actions/amazon-ecs-deploy-task-definition@v1
+ uses: aws-actions/amazon-ecs-deploy-task-definition@v1.5.0
 with:
 task-definition: ${{ steps.task-def.outputs.task-definition }}
 service: ${{ env.ECS_SERVICE }}
diff --git a/.github/workflows/push-training-ecs.yml b/.github/workflows/push-training-ecs.yml
index 4d4dca87..7c5d60f4 100644
--- a/.github/workflows/push-training-ecs.yml
+++ b/.github/workflows/push-training-ecs.yml
@@ -67,7 +67,7 @@ jobs:
 - name: Login to Amazon ECR
 id: login-ecr
- uses: aws-actions/amazon-ecr-login@v1
+ uses: aws-actions/amazon-ecr-login@v2
 - name: Build, tag, and push image to Amazon ECR
 id: build-image
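Review bot: The `uses:` references changed in this patch still point at mutable tags: `amazon-ecr-login@v2` in the 62,7 hunk (and the 67,7 hunk of push-training-ecs.yml), and `amazon-ecs-deploy-task-definition@v1.5.0` in the 90,7 hunk (and the 95,7 hunk of push-training-ecs.yml). The context line `amazon-ecs-render-task-definition@v1` also stays on a floating major tag. Judging by the step names, these jobs appear to hold ECR push and ECS deploy credentials, so whatever commit a tag resolves to at run time executes with that access. Pinning each action to a full commit SHA with the version as a trailing comment, e.g. `uses: aws-actions/amazon-ecr-login@<full-commit-sha>  # v2`, keeps the executed code fixed and reviewable. The three actions now also follow different pinning styles (major, exact, major), which is worth making uniform in the same pass.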
@@ -95,7 +95,7 @@ jobs:
 image: ${{ steps.build-image.outputs.image }}
 - name: Deploy Amazon ECS task definition
- uses: aws-actions/amazon-ecs-deploy-task-definition@v1
+ uses: aws-actions/amazon-ecs-deploy-task-definition@v1.5.0
 with:
 task-definition: ${{ steps.task-def.outputs.task-definition }}
 service: ${{ env.ECS_SERVICE }}
diff --git a/dlp-terraform/ecs/ecs.tf b/dlp-terraform/ecs/ecs.tf
index 89cdaafd..d9851788 100644
--- a/dlp-terraform/ecs/ecs.tf
+++ b/dlp-terraform/ecs/ecs.tf
@@ -52,7 +52,9 @@ resource "aws_iam_role" "ecs_task_role" {
 resource "aws_iam_role_policy_attachment" "ecs_task_role_policy" {
 for_each = toset([
 "arn:aws:iam::aws:policy/AmazonDynamoDBFullAccess",
- "arn:aws:iam::aws:policy/SecretsManagerReadWrite"
+ "arn:aws:iam::aws:policy/SecretsManagerReadWrite",
+ "arn:aws:iam::aws:policy/AmazonSQSFullAccess",
+ "arn:aws:iam::aws:policy/AmazonS3FullAccess"
 ])
 role = aws_iam_role.ecs_task_role.name
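Review bot: The two ARNs added to the `for_each` set in dlp-terraform/ecs/ecs.tf, `AmazonSQSFullAccess` and `AmazonS3FullAccess`, grant the ECS task role every SQS and S3 action on every queue and bucket in the account. A fault or compromise in any container running under this role would therefore reach all of that data, not only the resources this service uses. Unless the task really needs account-wide access, drop the two managed policies and attach a policy limited to the required actions on the specific queue and bucket; the fence sketches one, with placeholder ARNs and an example action list that must be matched to the real workload. The context lines show `AmazonDynamoDBFullAccess` and `SecretsManagerReadWrite` attached the same way, so the same scoping is probably worth applying there. The resource block continues past the end of the hunk.

```hcl
# … unchanged: aws_iam_role_policy_attachment.ecs_task_role_policy, without the two new ARNs …

# Example only: action lists and resource ARNs below are placeholders.
data "aws_iam_policy_document" "ecs_task_queue_and_bucket" {
  statement {
    actions   = ["sqs:SendMessage", "sqs:ReceiveMessage", "sqs:DeleteMessage"]
    resources = ["<QUEUE_ARN_PLACEHOLDER>"]
  }

  statement {
    actions   = ["s3:GetObject", "s3:PutObject"]
    resources = ["<BUCKET_ARN_PLACEHOLDER>/*"]
  }
}

resource "aws_iam_role_policy" "ecs_task_queue_and_bucket" {
  name   = "ecs-task-queue-and-bucket"
  role   = aws_iam_role.ecs_task_role.id
  policy = data.aws_iam_policy_document.ecs_task_queue_and_bucket.json
}
```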