From 4b6a8439a4d0540f8dcbdc6e140956dc91739f89 Mon Sep 17 00:00:00 2001 From: Khai Do Date: Thu, 29 Jun 2023 09:57:39 -0700 Subject: [PATCH] Revert "[IT-2360] Setup IAM roles for tower" This reverts commit 0c1843a612aab398943a8b2ae6c477d0b47f7ebb. --- templates/tower-project.j2 | 38 -------------------------------------- 1 file changed, 38 deletions(-) diff --git a/templates/tower-project.j2 b/templates/tower-project.j2 index ef082587..9f4b9f27 100644 --- a/templates/tower-project.j2 +++ b/templates/tower-project.j2 @@ -141,39 +141,6 @@ Resources: Service: - ecs-tasks.amazonaws.com - TowerRole: - Type: "AWS::IAM::Role" - Properties: - ManagedPolicyArns: - - 'Fn::ImportValue': !Sub ${AWS::Region}-nextflow-forge-iam-policy-NextFlowForgePolicyArn - - 'Fn::ImportValue': !Sub ${AWS::Region}-nextflow-launch-iam-policy-NextFlowLaunchPolicyArn - AssumeRolePolicyDocument: - Version: '2012-10-17' - Statement: - - Effect: Allow - Principal: - Service: ec2.amazonaws.com - Action: sts:AssumeRole - - Effect: Allow - Principal: - Service: ecs-tasks.amazonaws.com - Action: sts:AssumeRole - - Effect: Allow - Principal: - Service: eks.amazonaws.com - Action: sts:AssumeRole - - Sid: AllowEc2AssumeRole - Effect: Allow - Principal: - AWS: !Ref AccountAdminArns - Action: sts:AssumeRole - - Sid: AllowEcsServiceRole2AssumeRole - Effect: Allow - Principal: - AWS: - - 'Fn::ImportValue': !Sub ${AWS::Region}-nextflow-ecs-service-EcsServiceRoleArn - Action: sts:AssumeRole - TowerForgeBatchHeadJobPolicy: Type: AWS::IAM::Policy Properties: @@ -616,11 +583,6 @@ Outputs: Export: Name: !Sub "${AWS::Region}-${AWS::StackName}-TowerForgeServiceRoleArn" - TowerRoleArn: - Value: !GetAtt TowerRole.Arn - Export: - Name: !Sub "${AWS::Region}-${AWS::StackName}-TowerRoleArn" - TowerForgeBatchHeadJobRole: Value: !Ref TowerForgeBatchHeadJobRole Export: