Skip to content

Commit 9dce197

Browse files
MadisonwMadisonw
committed
instance role and fixing issue with EIP
1 parent 9853f57 commit 9dce197

File tree

1 file changed

+20
-4
lines changed

1 file changed

+20
-4
lines changed

lib/allora/lib/allora-stack.ts

Lines changed: 20 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -85,9 +85,25 @@ export class AlloraStack extends cdk.Stack {
8585
ec2UserData.addCommands(modifiedUserData);
8686

8787
// Getting the snapshot bucket name and IAM role ARN from the common stack
88-
const importedInstanceRoleArn = cdk.Fn.importValue("EdgeNodeInstanceRoleArn");
88+
const instanceRole = new iam.Role(this, "node-role", {
89+
assumedBy: new iam.ServicePrincipal("ec2.amazonaws.com"),
90+
managedPolicies: [
91+
iam.ManagedPolicy.fromAwsManagedPolicyName("AmazonSSMManagedInstanceCore"),
92+
iam.ManagedPolicy.fromAwsManagedPolicyName("CloudWatchAgentServerPolicy")
8993

90-
const instanceRole = iam.Role.fromRoleArn(this, "iam-role", importedInstanceRoleArn);
94+
]
95+
});
96+
97+
instanceRole.addToPolicy(new iam.PolicyStatement({
98+
resources: ["*"],
99+
actions: ["cloudformation:SignalResource"]
100+
}));
101+
102+
103+
new cdk.CfnOutput(this, "Instance Role ARN", {
104+
value: instanceRole.roleArn,
105+
exportName: "EdgeNodeInstanceRoleArn"
106+
});
91107

92108
// Making sure our instance will be able to read the assets
93109
bucket.grantRead(instanceRole);
@@ -97,7 +113,7 @@ export class AlloraStack extends cdk.Stack {
97113
const singleNodeProps: SingleNodeConstructCustomProps = {
98114
instanceName: `${resourceNamePrefix}Instance`,
99115
instanceType: new ec2.InstanceType(instanceType),
100-
dataVolumes: dataVolume ? [ dataVolume ] : [], // Define your data volumes here
116+
dataVolumes: [ dataVolume ], // Define your data volumes here
101117
machineImage: ec2.MachineImage.genericLinux({ [region]: amiId }),
102118
role: instanceRole,
103119
vpc: vpc,
@@ -129,7 +145,7 @@ export class AlloraStack extends cdk.Stack {
129145
const eip = new ec2.CfnEIP(this, `${resourceNamePrefix}EIP`);
130146
new ec2.CfnEIPAssociation(this, `${resourceNamePrefix}EIPAssociation`, {
131147
eip: eip.ref,
132-
instanceId: instance.instanceId,
148+
instanceId: singleNode.instanceId,
133149
});
134150

135151
nag.NagSuppressions.addResourceSuppressions(

0 commit comments

Comments
 (0)