Merge pull request #81 from threnjen/terraform_architecture_updates

updates to terraform structure and additions
threnjen · Jan 11, 2025 · 8494220 · 8494220
2 parents 14f52cc + fa818f9
commit 8494220
Show file tree

Hide file tree

Showing 10 changed files with 296 additions and 263 deletions.
diff --git a/aws_terraform_bgg/dynamo_db.tf b/aws_terraform_bgg/dynamo_db.tf
@@ -26,8 +26,8 @@ resource "aws_iam_policy" "game_generated_descriptions_dynamodb_access" {
         Effect = "Allow",
         Action = [
           "dynamodb:PutItem",
-				"dynamodb:ListTables",
-				"dynamodb:GetItem"
+          "dynamodb:ListTables",
+          "dynamodb:GetItem"
         ],
         Resource = "*"
       }

diff --git a/aws_terraform_bgg/fargate_ecr.tf b/aws_terraform_bgg/fargate_ecr.tf
@@ -17,7 +17,9 @@ locals {
     module.rag_description_generation_ecr.ecr_repository_name,
     module.dev_rag_description_generation_ecr.ecr_repository_name,
     module.weaviate_rag_server_ecr.ecr_repository_name,
-    module.t2v-transformers_ecr.ecr_repository_name
+    module.t2v-transformers_ecr.ecr_repository_name,
+    module.ratings_embedder.ecr_repository_name,
+    module.dev_ratings_embedder.ecr_repository_name,
   ]
 }
 
@@ -36,6 +38,16 @@ module "t2v-transformers_ecr" {
   ecr_repository_name = "t2v-transformers"
 }
 
+module "ratings_embedder" {
+  source              = "./modules/ecr"
+  ecr_repository_name = "ratings_embedder"
+}
+
+module "dev_ratings_embedder" {
+  source              = "./modules/ecr"
+  ecr_repository_name = "dev_ratings_embedder"
+}
+
 module "rag_description_generation_ecr" {
   source              = "./modules/ecr"
   ecr_repository_name = "rag_description_generation"

diff --git a/aws_terraform_bgg/fargate_ecs_roles.tf b/aws_terraform_bgg/fargate_ecs_roles.tf
@@ -4,96 +4,31 @@ resource "aws_s3_object" "file_upload" {
   source = "../.env"
 }
 
-module "rag_description_generation_FargateExecutionRole_role" {
-  source          = "./modules/iam_ecs_roles"
-  task_definition = "rag_description_generation_FargateExecutionRole"
-}
-
-resource "aws_iam_role_policy_attachment" "S3_Access_rag_description_generation_FargateExecutionRole_attach" {
-  role       = module.rag_description_generation_FargateExecutionRole_role.name
-  policy_arn = aws_iam_policy.S3_Access_bgg_scraper_policy.arn
-}
-
-module "rag_description_generation_FargateTaskRole_role" {
-  source          = "./modules/iam_ecs_roles"
-  task_definition = "rag_description_generation_FargateTaskRole"
-}
-
-resource "aws_iam_role_policy_attachment" "rag_description_generation" {
-  role       = module.rag_description_generation_FargateTaskRole_role.name
-  policy_arn = aws_iam_policy.SSM_send_command.arn
-}
-
-resource "aws_iam_role_policy_attachment" "S3_Access_rag_description_generation_FargateTaskRole_attach" {
-  role       = module.rag_description_generation_FargateTaskRole_role.name
-  policy_arn = aws_iam_policy.S3_Access_bgg_scraper_policy.arn
-}
-
-resource "aws_iam_role_policy_attachment" "Cloudwatch_Put_Metrics_rag_description_generation_FargateTaskRole_roleattach" {
-  role       = module.rag_description_generation_FargateTaskRole_role.name
-  policy_arn = aws_iam_policy.Cloudwatch_Put_Metrics_policy.arn
-}
-
-resource "aws_iam_role_policy_attachment" "dynamodb_rag_description_generation_FargateTaskRole_roleattach" {
-  role       = module.rag_description_generation_FargateTaskRole_role.name
-  policy_arn = aws_iam_policy.game_generated_descriptions_dynamodb_access.arn
-}
-
-resource "aws_iam_role_policy_attachment" "ec2_instance_access_rag_description_generation_FargateTaskRole_roleattach" {
-  role       = module.rag_description_generation_FargateTaskRole_role.name
-  policy_arn = aws_iam_policy.ec2_instance_access.arn
-}
-
-module "bgg_orchestrator_FargateExecutionRole_role" {
+module "bgg_ratings_embedder_FargateExecutionRole_role" {
   source          = "./modules/iam_ecs_roles"
-  task_definition = "bgg_orchestrator_FargateExecutionRole"
+  task_definition = "bgg_ratings_embedder_FargateExecutionRole"
 }
 
-resource "aws_iam_role_policy_attachment" "S3_Access_bgg_orchestrator_FargateExecutionRole_attach" {
-  role       = module.bgg_orchestrator_FargateExecutionRole_role.name
+resource "aws_iam_role_policy_attachment" "S3_Access_bgg_ratings_embedder_FargateExecutionRole_attach" {
+  role       = module.bgg_ratings_embedder_FargateExecutionRole_role.name
   policy_arn = aws_iam_policy.S3_Access_bgg_scraper_policy.arn
 }
 
-module "bgg_orchestrator_FargateTaskRole_role" {
+module "bgg_ratings_embedder_FargateTaskRole_role" {
   source          = "./modules/iam_ecs_roles"
-  task_definition = "bgg_orchestrator_FargateTaskRole"
+  task_definition = "bgg_ratings_embedder_FargateTaskRole"
 }
 
-resource "aws_iam_role_policy_attachment" "S3_Access_bgg_orchestrator_FargateTaskRole_attach" {
-  role       = module.bgg_orchestrator_FargateTaskRole_role.name
+resource "aws_iam_role_policy_attachment" "S3_Access_boardgamegeekbgg_ratings_embedder_FargateTaskRoleattach" {
+  role       = module.bgg_ratings_embedder_FargateTaskRole_role.name
   policy_arn = aws_iam_policy.S3_Access_bgg_scraper_policy.arn
 }
 
-resource "aws_iam_role_policy_attachment" "Cloudwatch_Put_Metrics_bgg_orchestrator_FargateTaskRole_roleattach" {
-  role       = module.bgg_orchestrator_FargateTaskRole_role.name
+resource "aws_iam_role_policy_attachment" "Cloudwatch_Put_Metricsbgg_ratings_embedder_FargateTaskRoleattach" {
+  role       = module.bgg_ratings_embedder_FargateTaskRole_role.name
   policy_arn = aws_iam_policy.Cloudwatch_Put_Metrics_policy.arn
 }
 
-resource "aws_iam_role_policy_attachment" "trigger_bgg_lambda_run_attach_to_orchestrator" {
-  role       = module.bgg_orchestrator_FargateTaskRole_role.name
-  policy_arn = aws_iam_policy.lambda_direct_permissions.arn
-}
-
-resource "aws_iam_role_policy_attachment" "ecs_run_attach_game_cleaner_to_orchestrator" {
-  role       = module.bgg_orchestrator_FargateTaskRole_role.name
-  policy_arn = aws_iam_policy.ecs_run_permissions_bgg_game_data_cleaner.arn
-}
-
-resource "aws_iam_role_policy_attachment" "ecs_run_attach_scraper_to_orchestrator" {
-  role       = module.bgg_orchestrator_FargateTaskRole_role.name
-  policy_arn = aws_iam_policy.ecs_run_permissions_bgg_scraper.arn
-}
-
-resource "aws_iam_role_policy_attachment" "ecs_run_attach_ratings_cleaner_to_orchestrator" {
-  role       = module.bgg_orchestrator_FargateTaskRole_role.name
-  policy_arn = aws_iam_policy.ecs_run_permissions_bgg_ratings_data_cleaner.arn
-}
-
-resource "aws_iam_role_policy_attachment" "ecs_run_attach_user_cleaner_to_orchestrator" {
-  role       = module.bgg_orchestrator_FargateTaskRole_role.name
-  policy_arn = aws_iam_policy.ecs_run_permissions_bgg_users_data_cleaner.arn
-}
-
 module "bgg_game_data_cleaner_FargateExecutionRole_role" {
   source          = "./modules/iam_ecs_roles"
   task_definition = "bgg_game_data_cleaner_FargateExecutionRole"
@@ -178,8 +113,6 @@ resource "aws_iam_role_policy_attachment" "Cloudwatch_Put_Metric_bgg_scraper_Far
 }
 
 
-
-
 module "bgg_users_data_cleaner_FargateTaskRole_role" {
   source          = "./modules/iam_ecs_roles"
   task_definition = "bgg_users_data_cleaner_FargateTaskRole"
@@ -208,4 +141,94 @@ resource "aws_iam_role_policy_attachment" "Cloudwatch_Put_Metricsbgg_users_data_
 resource "aws_iam_role_policy_attachment" "glue_boardgamegeekbgg_users_data_cleaner_FargateTaskRoleattach" {
   role       = module.bgg_users_data_cleaner_FargateTaskRole_role.name
   policy_arn = aws_iam_policy.glue_table_access.arn
-}
+}
+module "rag_description_generation_FargateExecutionRole_role" {
+  source          = "./modules/iam_ecs_roles"
+  task_definition = "rag_description_generation_FargateExecutionRole"
+}
+
+resource "aws_iam_role_policy_attachment" "S3_Access_rag_description_generation_FargateExecutionRole_attach" {
+  role       = module.rag_description_generation_FargateExecutionRole_role.name
+  policy_arn = aws_iam_policy.S3_Access_bgg_scraper_policy.arn
+}
+
+module "rag_description_generation_FargateTaskRole_role" {
+  source          = "./modules/iam_ecs_roles"
+  task_definition = "rag_description_generation_FargateTaskRole"
+}
+
+resource "aws_iam_role_policy_attachment" "S3_Access_rag_description_generation_FargateTaskRole_attach" {
+  role       = module.rag_description_generation_FargateTaskRole_role.name
+  policy_arn = aws_iam_policy.S3_Access_bgg_scraper_policy.arn
+}
+
+resource "aws_iam_role_policy_attachment" "Cloudwatch_Put_Metrics_rag_description_generation_FargateTaskRole_roleattach" {
+  role       = module.rag_description_generation_FargateTaskRole_role.name
+  policy_arn = aws_iam_policy.Cloudwatch_Put_Metrics_policy.arn
+}
+
+resource "aws_iam_role_policy_attachment" "dynamodb_rag_description_generation_FargateTaskRole_roleattach" {
+  role       = module.rag_description_generation_FargateTaskRole_role.name
+  policy_arn = aws_iam_policy.game_generated_descriptions_dynamodb_access.arn
+}
+
+# not currently using EC2 for Weaviate server, but we'll keep this here for future use
+# resource "aws_iam_role_policy_attachment" "rag_description_generation_SSM_send_command_attach" {
+#   role       = module.rag_description_generation_FargateTaskRole_role.name
+#   policy_arn = aws_iam_policy.SSM_send_command.arn
+# }
+# resource "aws_iam_role_policy_attachment" "ec2_instance_access_rag_description_generation_FargateTaskRole_roleattach" {
+#   role       = module.rag_description_generation_FargateTaskRole_role.name
+#   policy_arn = aws_iam_policy.ec2_instance_access.arn
+# }
+
+module "bgg_orchestrator_FargateExecutionRole_role" {
+  source          = "./modules/iam_ecs_roles"
+  task_definition = "bgg_orchestrator_FargateExecutionRole"
+}
+
+resource "aws_iam_role_policy_attachment" "S3_Access_bgg_orchestrator_FargateExecutionRole_attach" {
+  role       = module.bgg_orchestrator_FargateExecutionRole_role.name
+  policy_arn = aws_iam_policy.S3_Access_bgg_scraper_policy.arn
+}
+
+module "bgg_orchestrator_FargateTaskRole_role" {
+  source          = "./modules/iam_ecs_roles"
+  task_definition = "bgg_orchestrator_FargateTaskRole"
+}
+
+resource "aws_iam_role_policy_attachment" "S3_Access_bgg_orchestrator_FargateTaskRole_attach" {
+  role       = module.bgg_orchestrator_FargateTaskRole_role.name
+  policy_arn = aws_iam_policy.S3_Access_bgg_scraper_policy.arn
+}
+
+resource "aws_iam_role_policy_attachment" "Cloudwatch_Put_Metrics_bgg_orchestrator_FargateTaskRole_roleattach" {
+  role       = module.bgg_orchestrator_FargateTaskRole_role.name
+  policy_arn = aws_iam_policy.Cloudwatch_Put_Metrics_policy.arn
+}
+
+resource "aws_iam_role_policy_attachment" "trigger_bgg_lambda_run_attach_to_orchestrator" {
+  role       = module.bgg_orchestrator_FargateTaskRole_role.name
+  policy_arn = aws_iam_policy.lambda_direct_permissions.arn
+}
+
+resource "aws_iam_role_policy_attachment" "ecs_run_attach_game_cleaner_to_orchestrator" {
+  role       = module.bgg_orchestrator_FargateTaskRole_role.name
+  policy_arn = module.ecs_run_permissions_bgg_game_data_cleaner.arn
+}
+
+resource "aws_iam_role_policy_attachment" "ecs_run_attach_scraper_to_orchestrator" {
+  role       = module.bgg_orchestrator_FargateTaskRole_role.name
+  policy_arn = module.ecs_run_permissions_bgg_scraper.arn
+}
+
+resource "aws_iam_role_policy_attachment" "ecs_run_attach_ratings_cleaner_to_orchestrator" {
+  role       = module.bgg_orchestrator_FargateTaskRole_role.name
+  policy_arn = module.ecs_run_permissions_bgg_ratings_data_cleaner.arn
+}
+
+resource "aws_iam_role_policy_attachment" "ecs_run_attach_user_cleaner_to_orchestrator" {
+  role       = module.bgg_orchestrator_FargateTaskRole_role.name
+  policy_arn = module.ecs_run_permissions_bgg_users_data_cleaner.arn
+}
+