fqd2 #23

	name: change infra

	on:
	push:
	branches: ["master"]
	paths:
	# changes to these files will trigger github runner
	- .github/workflows/ci.yml
	# - main.go

	jobs:
	infra-change:
	runs-on: ubuntu-latest
	steps:
	- uses: pulumi/actions@v6
	- name: change
	env:
	AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
	AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	POSTGRES_PASSWORD: ${{ secrets.POSTGRES_PASSWORD }}
	PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
	run: \|
	printf '%s\n' "arn:aws:iam::aws:policy/AmazonS3FullAccess" "arn:aws:iam::aws:policy/AmazonECS_FullAccess" "arn:aws:iam::aws:policy/ElasticLoadBalancingFullAccess" "arn:aws:iam::aws:policy/CloudWatchEventsFullAccess" "arn:aws:iam::aws:policy/AmazonEC2FullAccess" "arn:aws:iam::aws:policy/AmazonVPCFullAccess" "arn:aws:iam::aws:policy/SecretsManagerReadWrite" "arn:aws:iam::aws:policy/AmazonElasticFileSystemFullAccess" "arn:aws:iam::aws:policy/AmazonRDSFullAccess" \| xargs -I {} aws iam attach-group-policy --group-name pulumi --policy-arn {}
	pulumi stack select joevizcara-org/aws-go-proj/aws-go-dev
	pulumi refresh --yes
	pulumi state upgrade
	pulumi up --yes
	# pulumi destroy --yes # comment the line of code above and uncomment this line to destroy the aws resources

Provide feedback