Merge pull request #8879 from ministryofjustice/jml-repo-add

🔧 Add push/pull principals
ministryofjustice · Jan 9, 2025 · e7698ee · e7698ee
2 parents a5fd470 + 1783aae
commit e7698ee
Showing 1 changed file with 3 additions and 0 deletions.
diff --git a/terraform/environments/core-shared-services/ecr_repos.tf b/terraform/environments/core-shared-services/ecr_repos.tf
@@ -752,17 +752,20 @@ module "data_platform_jml_ecr_repo" {
   push_principals = [
     "arn:aws:iam::${local.environment_management.account_ids["data-platform-development"]}:role/modernisation-platform-oidc-cicd",
     "arn:aws:iam::${local.environment_management.account_ids["data-platform-apps-and-tools-development"]}:role/modernisation-platform-oidc-cicd",
+    "arn:aws:iam::${local.environment_management.account_ids["analytical-platform-data-production"]}:role/modernisation-platform-oidc-cicd",
     local.environment_management.account_ids["data-platform-apps-and-tools-production"],
   ]
 
   pull_principals = [
     "arn:aws:iam::${local.environment_management.account_ids["data-platform-development"]}:role/modernisation-platform-oidc-cicd",
     "arn:aws:iam::${local.environment_management.account_ids["data-platform-apps-and-tools-development"]}:role/modernisation-platform-oidc-cicd",
+    "arn:aws:iam::${local.environment_management.account_ids["analytical-platform-data-production"]}:role/modernisation-platform-oidc-cicd",
     local.environment_management.account_ids["data-platform-apps-and-tools-production"],
   ]
 
   enable_retrieval_policy_for_lambdas = [
     "arn:aws:lambda:eu-west-2:${local.environment_management.account_ids["data-platform-apps-and-tools-production"]}:function:data_platform_jml_extract*",
+    "arn:aws:iam::${local.environment_management.account_ids["analytical-platform-data-production"]}:function:data_platform_jml_extract*"
   ]
 
   # Tags