diff --git a/services/terraform/modules/shared/dynamodb.tf b/services/terraform/modules/shared/dynamodb.tf --- a/services/terraform/modules/shared/dynamodb.tf +++ b/services/terraform/modules/shared/dynamodb.tf @@ -45,39 +45,6 @@ } } -resource "aws_dynamodb_table" "blob-service-blob" { - name = "blob-service-blob" - hash_key = "blobHash" - billing_mode = "PAY_PER_REQUEST" - - attribute { - name = "blobHash" - type = "S" - } -} - -resource "aws_dynamodb_table" "blob-service-reverse-index" { - name = "blob-service-reverse-index" - hash_key = "holder" - billing_mode = "PAY_PER_REQUEST" - - attribute { - name = "holder" - type = "S" - } - - attribute { - name = "blobHash" - type = "S" - } - - global_secondary_index { - name = "blobHash-index" - hash_key = "blobHash" - projection_type = "ALL" - } -} - resource "aws_dynamodb_table" "blob-service-blobs" { name = "blob-service-blobs" hash_key = "blob_hash" @@ -257,10 +224,10 @@ } resource "aws_dynamodb_table" "identity-one-time-keys" { - name = "identity-one-time-keys" - hash_key = "deviceID" - range_key = "oneTimeKey" - billing_mode = "PAY_PER_REQUEST" + name = "identity-one-time-keys" + hash_key = "deviceID" + range_key = "oneTimeKey" + billing_mode = "PAY_PER_REQUEST" attribute { name = "deviceID" diff --git a/services/terraform/remote/service_blob.tf b/services/terraform/remote/service_blob.tf --- a/services/terraform/remote/service_blob.tf +++ b/services/terraform/remote/service_blob.tf @@ -2,9 +2,7 @@ blob_service_image_tag = local.is_staging ? "latest" : "0.2.0" blob_service_container_name = "blob-service-server" blob_service_server_image = "commapp/blob-server:${local.blob_service_image_tag}" - blob_service_container_http_port = 51001 - blob_service_container_grpc_port = 50051 - blob_service_grpc_public_port = 50053 + blob_service_container_http_port = 50053 blob_service_domain_name = "blob.${local.root_domain}" blob_service_s3_bucket = "commapp-blob${local.s3_bucket_name_suffix}" } @@ -22,12 +20,6 @@ containerPort = local.blob_service_container_http_port protocol = "tcp" appProtocol = "http" - }, - { - name = "blob-service-ecs-grpc" - containerPort = local.blob_service_container_grpc_port - protocol = "tcp" - appProtocol = "grpc" } ] environment = [ @@ -84,13 +76,6 @@ container_port = local.blob_service_container_http_port } - # gRPC - load_balancer { - target_group_arn = aws_lb_target_group.blob_service_grpc.arn - container_name = local.blob_service_container_name - container_port = local.blob_service_container_grpc_port - } - deployment_circuit_breaker { enable = true rollback = true @@ -110,14 +95,6 @@ description = "HTTP port" } - ingress { - from_port = local.blob_service_container_grpc_port - to_port = local.blob_service_container_grpc_port - protocol = "tcp" - cidr_blocks = ["0.0.0.0/0"] - description = "gRPC port" - } - # Allow all outbound traffic egress { from_port = 0 @@ -151,23 +128,6 @@ } } -resource "aws_lb_target_group" "blob_service_grpc" { - name = "blob-service-ecs-grpc-tg" - port = local.blob_service_container_grpc_port - protocol = "HTTP" - protocol_version = "GRPC" - vpc_id = aws_vpc.default.id - - # The "bridge" network mode requires target type set to instance - target_type = "instance" - - health_check { - enabled = true - healthy_threshold = 2 - unhealthy_threshold = 3 - } -} - # Load Balancer resource "aws_lb" "blob_service" { load_balancer_type = "application" @@ -220,24 +180,6 @@ } } -resource "aws_lb_listener" "blob_service_grpc" { - load_balancer_arn = aws_lb.blob_service.arn - port = local.blob_service_grpc_public_port - protocol = "HTTPS" - ssl_policy = "ELBSecurityPolicy-TLS13-1-2-2021-06" - certificate_arn = data.aws_acm_certificate.blob_service.arn - - default_action { - type = "forward" - target_group_arn = aws_lb_target_group.blob_service_grpc.arn - } - - lifecycle { - # Target group cannot be destroyed if it is used - replace_triggered_by = [aws_lb_target_group.blob_service_grpc] - } -} - # SSL Certificate data "aws_acm_certificate" "blob_service" { domain = local.blob_service_domain_name