Implement a few rationalisations (#210)

* chore: add missing instructions about the GitHub token * chore: fix the description of 'github_token_secret_name'
aws-ia · May 13, 2024 · fc974ee · fc974ee
1 parent d94a402
commit fc974ee
Show file tree

Hide file tree

Showing 5 changed files with 9 additions and 4 deletions.
diff --git a/terraform/fargate-examples/backstage/variables.tf b/terraform/fargate-examples/backstage/variables.tf
@@ -15,7 +15,7 @@ variable "repository_branch" {
 }
 
 variable "github_token_secret_name" {
-  description = "Name of secret manager secret storing github token for auth"
+  description = "Name of the AWS Secrets Manager secret storing the Github token for authentication"
   type        = string
 }
 

diff --git a/terraform/fargate-examples/graviton/variables.tf b/terraform/fargate-examples/graviton/variables.tf
@@ -16,7 +16,7 @@ variable "repository_branch" {
 }
 
 variable "github_token_secret_name" {
-  description = "The name of branch the Github repository, which is going to trigger a new CodePipeline excecution"
+  description = "Name of the AWS Secrets Manager secret storing the Github token for authentication"
   type        = string
   default     = "ecs-github-token"
 }
diff --git a/terraform/fargate-examples/queue-processing/README.md b/terraform/fargate-examples/queue-processing/README.md
@@ -5,6 +5,11 @@ This solution blueprint deploys an end to end data processing pipeline using ECS
 This blueprint expects files uploaded to an S3 source bucket which trigger S3 event notifications and publish file metadata to SQS. On a regular 2 minute CloudWatch event rule, a Lambda function is invoked which checks the SQS queue for the `ApproximateNumberOfMessages` attribute and lauches Fargate tasks based on queue depth using the ECS `run_task()` API. The tasks are designed to continue processing and draining the SQS queue before scaling down to 0 tasks automatically, eliminating the need to keep a fixed pool of ECS tasks running.
 
 * Deploy the [core-infra](../core-infra/README.md). Note if you have already deployed the infra then you can reuse it as well.
+* Create a [Github token](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token) to access the forked repository.
+* Store the secret in AWS Secrets Manager in the region where you want to deploy the blueprints.
+  ```shell
+  aws secretsmanager create-secret --name ecs-github-token --secret-string <your-github-access-token>
+  ```
 * **NOTE:** Codestar notification rules require a **one-time** creation of a service-linked role. Please verify one exists or create the codestar-notification service-linked role.
   * `aws iam get-role --role-name AWSServiceRoleForCodeStarNotifications`
 

diff --git a/terraform/fargate-examples/queue-processing/variables.tf b/terraform/fargate-examples/queue-processing/variables.tf
@@ -16,7 +16,7 @@ variable "repository_branch" {
 }
 
 variable "github_token_secret_name" {
-  description = "The name of branch the Github repository, which is going to trigger a new CodePipeline excecution"
+  description = "Name of the AWS Secrets Manager secret storing the Github token for authentication"
   type        = string
   default     = "ecs-github-token"
 }
diff --git a/terraform/fargate-examples/sqs-dynamic-target-tracking/variables.tf b/terraform/fargate-examples/sqs-dynamic-target-tracking/variables.tf
@@ -16,7 +16,7 @@ variable "repository_branch" {
 }
 
 variable "github_token_secret_name" {
-  description = "The name of branch the Github repository, which is going to trigger a new CodePipeline excecution"
+  description = "Name of the AWS Secrets Manager secret storing the Github token for authentication"
   type        = string
   default     = "ecs-github-token"
 }