chore : 빌드시 aws관련 정보 application-secret.yml에 들어가도록 설정 (#73)

taekkong · web-flow · commit 9fb37c7ce063 · 2025-09-26T11:23:25.000+09:00
* chore : S3 사용을 위해 빌드시 AWS 정보 application-secrets.yml에 추가되도록 설정

* chore : 역할에 S3 접근 정책 부착 하도록 설정

* chore : ãyml에 추가정보 넣도록 설정
diff --git a/.github/workflows/test-server-ci.yml b/.github/workflows/test-server-ci.yml
@@ -55,6 +55,11 @@ jobs:
           echo "${{ secrets.APPLICATION_SECRET_YML }}" > src/main/resources/application-secrets.yml
           echo "OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}" >> src/main/resources/application-secrets.yml
 
+          echo "spring.cloud.aws.region.static: ${{ secrets.AWS_REGION }}" >> src/main/resources/application-secrets.yml
+          echo "spring.cloud.aws.credentials.access-key: ${{ secrets.AWS_ACCESS_KEY_ID }}" >> src/main/resources/application-secrets.yml
+          echo "spring.cloud.aws.credentials.secret-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}" >> src/main/resources/application-secrets.yml
+          echo "spring.cloud.aws.s3.bucket: ${{ secrets.AWS_S3_BUCKET_NAME }}" >> src/main/resources/application-secrets.yml
+          echo "spring.cloud.aws.stack : false" >> src/main/resources/application-secrets.yml
       # 6. application-secrets-server.yml 생성
       - name: Generate application-secrets-server.yml
         run: |
diff --git a/infra/terraform/modules/iam/main.tf b/infra/terraform/modules/iam/main.tf
@@ -13,10 +13,10 @@ resource "aws_iam_role" "ec2_role" {
 }
 
 # 역할에 S3 접근 정책 부착 (사용하지 않을 경우 주석 처리)
-# resource "aws_iam_role_policy_attachment" "s3_full" {
-#   role       = aws_iam_role.ec2_role.name
-#   policy_arn = "arn:aws:iam::aws:policy/AmazonS3FullAccess"
-# }
+resource "aws_iam_role_policy_attachment" "s3_full" {
+  role       = aws_iam_role.ec2_role.name
+  policy_arn = "arn:aws:iam::aws:policy/AmazonS3FullAccess"
+}
 
 # 역할에 SSM 접근 정책 부착 (AWS Systems Manager)
 resource "aws_iam_role_policy_attachment" "ssm" {
