From bb2b21e9d839a32ce6757d96238039ce34119815 Mon Sep 17 00:00:00 2001 From: Matt Dean Date: Wed, 4 Mar 2026 11:11:10 +0000 Subject: [PATCH] [NRL-1996] Remove perms lambda layer from acc-wide infra deploy --- .github/workflows/deploy-account-wide-infra.yml | 6 ------ .../dev/lambda__seed-sandbox.tf | 1 - .../modules/lambda-layers/layers.tf | 8 -------- .../modules/lambda-layers/outputs.tf | 5 ----- .../test/lambda__seed-sandbox.tf | 1 - 5 files changed, 21 deletions(-) diff --git a/.github/workflows/deploy-account-wide-infra.yml b/.github/workflows/deploy-account-wide-infra.yml index 0add566f3..fdd3b4a53 100644 --- a/.github/workflows/deploy-account-wide-infra.yml +++ b/.github/workflows/deploy-account-wide-infra.yml @@ -66,12 +66,6 @@ jobs: role-to-assume: ${{ secrets.MGMT_ROLE_ARN }} role-session-name: github-actions-ci-${{ inputs.environment }}-${{ github.run_id }} - - name: Add S3 Permissions to Lambda Layer - env: - ACCOUNT_NAME: ${{ vars.ACCOUNT_NAME }} - run: | - make get-s3-perms ENV=${ACCOUNT_NAME} - - name: Retrieve Server Certificates env: ACCOUNT_NAME: ${{ vars.ACCOUNT_NAME }} diff --git a/terraform/account-wide-infrastructure/dev/lambda__seed-sandbox.tf b/terraform/account-wide-infrastructure/dev/lambda__seed-sandbox.tf index 3c33d8660..da7a21cc5 100644 --- a/terraform/account-wide-infrastructure/dev/lambda__seed-sandbox.tf +++ b/terraform/account-wide-infrastructure/dev/lambda__seed-sandbox.tf @@ -20,7 +20,6 @@ module "seed_sandbox_lambda" { layers = [ module.shared_lambda_layers.nrlf_layer_arn, module.shared_lambda_layers.third_party_layer_arn, - module.shared_lambda_layers.nrlf_permissions_layer_arn ] table_names = local.seed_table_names diff --git a/terraform/account-wide-infrastructure/modules/lambda-layers/layers.tf b/terraform/account-wide-infrastructure/modules/lambda-layers/layers.tf index dbf78154a..502561612 100644 --- a/terraform/account-wide-infrastructure/modules/lambda-layers/layers.tf +++ b/terraform/account-wide-infrastructure/modules/lambda-layers/layers.tf @@ -23,11 +23,3 @@ resource "aws_lambda_layer_version" "third_party" { compatible_runtimes = ["python3.12"] description = "Third party dependencies layer (account-wide)" } - -resource "aws_lambda_layer_version" "nrlf_permissions" { - layer_name = "${var.name_prefix}--nrlf-permissions-layer" - filename = "${local.dist_dir}/${local.layer_zips.nrlf_permissions}" - source_code_hash = filebase64sha256("${local.dist_dir}/${local.layer_zips.nrlf_permissions}") - compatible_runtimes = ["python3.12"] - description = "NRLF permissions library layer (account-wide)" -} diff --git a/terraform/account-wide-infrastructure/modules/lambda-layers/outputs.tf b/terraform/account-wide-infrastructure/modules/lambda-layers/outputs.tf index e86ad3467..fd6a7e347 100644 --- a/terraform/account-wide-infrastructure/modules/lambda-layers/outputs.tf +++ b/terraform/account-wide-infrastructure/modules/lambda-layers/outputs.tf @@ -7,8 +7,3 @@ output "third_party_layer_arn" { description = "ARN of the third party dependencies Lambda layer" value = aws_lambda_layer_version.third_party.arn } - -output "nrlf_permissions_layer_arn" { - description = "ARN of the NRLF permissions Lambda layer" - value = aws_lambda_layer_version.nrlf_permissions.arn -} diff --git a/terraform/account-wide-infrastructure/test/lambda__seed-sandbox.tf b/terraform/account-wide-infrastructure/test/lambda__seed-sandbox.tf index 2647f6854..80fb466bc 100644 --- a/terraform/account-wide-infrastructure/test/lambda__seed-sandbox.tf +++ b/terraform/account-wide-infrastructure/test/lambda__seed-sandbox.tf @@ -21,7 +21,6 @@ module "seed_sandbox_lambda" { layers = [ module.shared_lambda_layers.nrlf_layer_arn, module.shared_lambda_layers.third_party_layer_arn, - module.shared_lambda_layers.nrlf_permissions_layer_arn ] table_names = local.seed_table_names