diff --git a/org-formation/650-identity-providers/_tasks.yaml b/org-formation/650-identity-providers/_tasks.yaml index cf482cca..931e719c 100644 --- a/org-formation/650-identity-providers/_tasks.yaml +++ b/org-formation/650-identity-providers/_tasks.yaml @@ -768,82 +768,6 @@ GithubOidcWorkflowsProdNextflowInfra: - !Ref WorkflowsNextflowProdAccount Region: us-east-1 -GithubOidcBridgeDigitalHealthOpenBridgeWeb: - Type: update-stacks - DependsOn: GithubOidcSageBionetworks - Template: https://raw.githubusercontent.com/Sage-Bionetworks/aws-infra/v0.7.6/templates/IAM/github-oidc-provider.j2 - StackName: !Sub ${resourcePrefix}-${appName}-bridgedigitalhealth-openbridgeweb - Parameters: - ProviderArn: !CopyValue [ !Sub '${resourcePrefix}-${appName}-ProviderArn' ] - ProviderRoleName: !Sub ${resourcePrefix}-${appName}-bridgedigitalhealth-openbridgeweb - PolicyDocument: | - { - "Version": "2012-10-17", - "Statement": [ - { - "Sid": "ListObjectsInBucket", - "Effect": "Allow", - "Action": [ "s3:GetBucketLocation", "s3:ListBucket", "s3:ListBucketMultipartUploads" ], - "Resource": [ - "arn:aws:s3:::staging.studies.mobiletoolbox.org", - "arn:aws:s3:::prod.studies.mobiletoolbox.org", - "arn:aws:s3:::staging-arcdashboard-sagebionetwork-websitebucket-bd4g741peby9", - "arn:aws:s3:::prod-arcdashboard-sagebionetworks-o-websitebucket-1f1fae0cp8k4e", - "arn:aws:s3:::staging-studies-bridgedigital-healt-websitebucket-llv54doyeqrl", - "arn:aws:s3:::staging-bridgedigital-health-static-websitebucket-16zqwmvoy16o", - "arn:aws:s3:::prod-bridgedigital-health-static-websitebucket-iadz6lysjo5v", - "arn:aws:s3:::prod-studies-bridgedigital-health-websitebucket-1rc2pmoctily2", - "arn:aws:s3:::staging-inv-arcdashboard-sagebionet-websitebucket-vm8ncc5v2r7h", - "arn:aws:s3:::prod-inv-arcdashboard-sagebionetwor-websitebucket-1jdhcaenu9tlz" - ] - }, - { - "Sid": "AllObjectActions", - "Effect": "Allow", - "Action": [ "s3:PutObject", "s3:GetObject", "s3:DeleteObject", "s3:*Multipart*" ], - "Resource": [ - "arn:aws:s3:::staging.studies.mobiletoolbox.org/*", - "arn:aws:s3:::prod.studies.mobiletoolbox.org/*", - "arn:aws:s3:::staging-arcdashboard-sagebionetwork-websitebucket-bd4g741peby9/*", - "arn:aws:s3:::prod-arcdashboard-sagebionetworks-o-websitebucket-1f1fae0cp8k4e/*", - "arn:aws:s3:::staging-studies-bridgedigital-healt-websitebucket-llv54doyeqrl/*", - "arn:aws:s3:::staging-bridgedigital-health-static-websitebucket-16zqwmvoy16o/*", - "arn:aws:s3:::prod-bridgedigital-health-static-websitebucket-iadz6lysjo5v/*", - "arn:aws:s3:::prod-studies-bridgedigital-health-websitebucket-1rc2pmoctily2/*", - "arn:aws:s3:::staging-inv-arcdashboard-sagebionet-websitebucket-vm8ncc5v2r7h/*", - "arn:aws:s3:::prod-inv-arcdashboard-sagebionetwor-websitebucket-1jdhcaenu9tlz/*" - ] - }, - { - "Sid": "CloudfrontActions", - "Effect": "Allow", - "Action": [ "cloudfront:CreateInvalidation" ], - "Resource": [ - "arn:aws:cloudfront::797640923903:distribution/E2H7LCB4G4JGGA", - "arn:aws:cloudfront::797640923903:distribution/E1NB88XGDVLVG9", - "arn:aws:cloudfront::797640923903:distribution/EU2UCL46LHZST", - "arn:aws:cloudfront::797640923903:distribution/E4NMTZ3W9RYFH", - "arn:aws:cloudfront::797640923903:distribution/E3S5F61K1105VI", - "arn:aws:cloudfront::797640923903:distribution/E2ZGRN11WZ963H", - "arn:aws:cloudfront::797640923903:distribution/E1DXTVP92OX5WR", - "arn:aws:cloudfront::797640923903:distribution/E2EZ0TY3ZSTV6O", - "arn:aws:cloudfront::797640923903:distribution/E2U03A3USH7ASI", - "arn:aws:cloudfront::797640923903:distribution/E3VLOHRGISMQNR" - ] - } - ] - } - TemplatingContext: - GitHubOrg: "BridgeDigitalHealth" - Repositories: - - name: "open-bridge-web" - branches: [ "main", "feature", "staging", "production" ] - - name: "open-bridge-static" - branches: [ "main", "feature", "staging", "production" ] - DefaultOrganizationBinding: - Account: !Ref SageITAccount - Region: us-east-1 - GithubOidcAgoraInfraV3: Type: update-stacks DependsOn: GithubOidcSageBionetworks