update

src/tf/aws-dagster/architectures/ec2.tf

@@ -0,0 +1,75 @@
+data "aws_ami" "amazon_linux_2" {
+  most_recent = true
+
+  filter {
+    name   = "virtualization-type"
+    values = ["hvm"]
+  }
+
+  filter {
+    name   = "owner-alias"
+    values = ["amazon"]
+  }
+
+  filter {
+    name   = "name"
+    values = ["amzn2-ami-ecs-hvm-*-x86_64-ebs"]
+  }
+
+  owners = ["amazon"]
+}
+# ami-00877cb58e935baf9
+
+# data "templatefile" "user_data" {
+#   template = file("${path.module}/user_data.sh")
+
+#   vars = {
+#     ecs_cluster_name = aws_ecs_cluster.this.name
+#   }
+# }
+
+resource "aws_iam_role" "this_ecs_ec2" {
+  name               = "${var.prefix}-hotload-etl2"
+  assume_role_policy = file("${path.module}/iam/ec2_ecs_assume_policy.json")
+}
+
+resource "aws_iam_role_policy_attachment" "this_ecs_ec2" {
+  role       = aws_iam_role.this_ecs_ec2.name
+  policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role"
+}
+
+resource "aws_iam_instance_profile" "this" {
+  role = aws_iam_role.this_ecs_ec2.name
+  name = "${var.prefix}-profile-hotload"
+}
+
+resource "aws_key_pair" "this" {
+  key_name   = "${var.prefix}-hotload-key"
+  public_key = tls_private_key.this.public_key_openssh
+}
+
+resource "aws_launch_template" "this" {
+  name          = "${var.prefix}-launch-template-hotload"
+  image_id      = data.aws_ami.amazon_linux_2.id
+  instance_type = "t3.medium"
+  key_name      = aws_key_pair.this.key_name
+  user_data = templatefile("${path.module}/user_data.sh", {
+    ecs_cluster_name = aws_ecs_cluster.this.name
+  })
+  vpc_security_group_ids = [module.security_groups.sg_ids["everything"].id]
+
+  iam_instance_profile {
+    arn = aws_iam_instance_profile.this.arn
+  }
+
+  monitoring {
+    enabled = true
+  }
+}
+
+# resource "aws_ecs_service" "this" {
+#     name = "${var.prefix}-ecs-hotload"
+#     iam_role = aws_iam_role.this_ecs_ec2.arn
+#     cluster = aws_ecs_cluster.this.id
+
+# }

src/tf/aws-dagster/architectures/ecs-task.tf

@@ -0,0 +1,4 @@
+resource "aws_iam_role" "this_task" {
+  name               = "${var.prefix}-hotload-task"
+  assume_role_policy = file("${path.module}/iam/ec2_assume_policy.json")
+}

src/tf/aws-dagster/architectures/iam/ec2_ecs_assume_policy.json

@@ -0,0 +1,13 @@
+{
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Sid": "",
+      "Effect": "Allow",
+      "Principal": {
+        "Service": ["ec2.amazonaws.com", "ecs.amazonaws.com"]
+      },
+      "Action": "sts:AssumeRole"
+    }
+  ]
+}

src/tf/aws-dagster/architectures/iam/ecs_assume_policy.json

@@ -0,0 +1,13 @@
+{
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Sid": "",
+      "Effect": "Allow",
+      "Principal": {
+        "Service": "ecs.amazonaws.com"
+      },
+      "Action": "sts:AssumeRole"
+    }
+  ]
+}

src/tf/aws-dagster/architectures/user_data.sh

@@ -0,0 +1,5 @@
+#!/bin/bash
+
+## Configure cluster name using the template variable ${ecs_cluster_name}
+
+echo ECS_CLUSTER='${ecs_cluster_name}' >> /etc/ecs/ecs.config

src/tf/aws-dagster/workspace-prod.yaml

@@ -10,6 +10,6 @@ load_from:
       location_name: { "env": "ETL2_CODE_LOC_NAME" }
 
   - grpc_server:
-      host: { "env": "ETL2_CODE_SERVER_HOST" }
-      port: { "env": "ETL2_CODE_SERVER_PORT" }
+      host: etl2hotload.dagster.internal
+      port: 4002
       location_name: etl2_code_server_hotload