Closed henryborchers closed 9 months ago
We recently updated the Book Tracker to send SQS messages (#7) and it looks like we neglected to grant that permission to the book tracker's role. So, I just did that and launched another import and I'll keep an eye on it.
@genschmitt Do you know if there is any Terraform that we should update for this?
@adolski I checked the terraform repos and I don't see book trackers permissions anywhere. Adding from the console is good for now, this is likely something we would want to transition to Terraform at some point in the future.
Thanks @genschmitt!
@gaurijo, I've created #53 for you. BTW, here is what I did to add the permission to the role (I pretty much always forget to do this when modifying an app to use a new AWS service):
(Although, after #53 is done, we shouldn't do it this way anymore.)
I'm unable import records in Booktracker.
When I try I get the following error.
Import failed: User: arn:aws:sts::721945215539:assumed-role/ECS-book-tracker-role/db2b87ae8e3544b787da8a2f49a3c9be is not authorized to perform: sqs:sendmessage on resource: arn:aws:sqs:us-east-2:721945215539:book-tracker-prod because no identity-based policy allows the sqs:sendmessage action