Update permission for Integration to read Production Chat Snapshot S3…

… bucket
alphagov · Aug 5, 2024 · ea060e1 · ea060e1
1 parent 6452df6
commit ea060e1
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/terraform/deployments/opensearch/iam.tf b/terraform/deployments/opensearch/iam.tf
@@ -7,7 +7,7 @@ locals {
       "arn:aws:s3:::govuk-staging-chat-opensearch-snapshots",
     ]
     integration = [
-      "arn:aws:s3:::govuk-staging-chat-opensearch-snapshots",
+      "arn:aws:s3:::govuk-production-chat-opensearch-snapshots",
       "arn:aws:s3:::govuk-integration-chat-opensearch-snapshots",
     ]
   }[var.govuk_environment]

diff --git a/terraform/deployments/opensearch/register-snapshot-repository.py b/terraform/deployments/opensearch/register-snapshot-repository.py
@@ -66,7 +66,7 @@ def register_repository(name, role_arn, delete_first=False, read_only=False):
 elif sys.argv[1] == 'integration':
     role_arn = 'arn:aws:iam::210287912431:role/govuk-integration-chat-opensearch-snapshot-role'
     register_repository('govuk-integration', role_arn, delete_first=delete_first)
-    register_repository('govuk-staging', role_arn, delete_first=delete_first, read_only=True)
+    register_repository('govuk-production', role_arn, delete_first=delete_first, read_only=True)
 elif sys.argv[1] == 'staging':
     role_arn = 'arn:aws:iam::696911096973:role/govuk-staging-chat-opensearch-snapshot-role'
     register_repository('govuk-staging', role_arn, delete_first=delete_first)