@@ -6,7 +6,8 @@ data "aws_region" "current" {}
66# Locals
77
88locals {
9- version = " 1.1.1"
9+ version = " 1.1.1"
10+ service-name = " depot-connection-${ var . connection-id } -cloud-agent"
1011}
1112
1213# VPC
@@ -350,6 +351,13 @@ resource "aws_iam_role" "cloud-agent" {
350351 }
351352 },
352353
354+ {
355+ Action = [" ecs:ListTasks" " ecs:DescribeTasks" " ecs:StopTask"
356+ Effect = " Allow"
357+ Resource = [" *"
358+ Condition = { ArnEquals = { " ecs:cluster" - agent[0 ].arn } }
359+ },
360+
353361 {
354362 Action = [" iam:PassRole"
355363 Effect = " Allow"
@@ -393,7 +401,9 @@ resource "aws_ecs_task_definition" "cloud-agent" {
393401 { name = " CLOUD_AGENT_AWS_SG_BUILDKIT" = aws_security_group.instance- buildkit[0 ].id },
394402 { name = " CLOUD_AGENT_AWS_SG_DEFAULT" = aws_security_group.instance- default[0 ].id },
395403 { name = " CLOUD_AGENT_AWS_SUBNET_ID" = aws_subnet.public[0 ].id },
404+ { name = " CLOUD_AGENT_CLUSTER_ARN" = aws_ecs_cluster.cloud- agent[0 ].arn },
396405 { name = " CLOUD_AGENT_CONNECTION_ID" = var.connection- id },
406+ { name = " CLOUD_AGENT_SERVICE_NAME" = local.service- name },
397407 { name = " CLOUD_AGENT_TF_MODULE_VERSION" = local.version },
398408
399409 # This environment variable is unused, but causes ECS to redeploy if the connection token changes
@@ -415,7 +425,7 @@ resource "aws_ecs_task_definition" "cloud-agent" {
415425
416426resource "aws_ecs_service" "cloud-agent" {
417427 count = . create ? 1 : 0
418- name = " depot-connection- ${ var . connection-id } -cloud-agent "
428+ name = local . service-name
419429 cluster = . cloud-agent [0 ]. id
420430 task_definition = . cloud-agent [0 ]. arn
421431 desired_count = 1
0 commit comments