From f8894e72818bde6ebd64bf3f6613b9ff770add58 Mon Sep 17 00:00:00 2001
From: Daniel van der Ploeg <danielvdp56@gmail.com>
Date: Mon, 27 May 2024 11:06:35 +0930
Subject: [PATCH] Revert "feat: add ecs tag permission to pipe"

---
 packages/graphql-mesh-server/lib/pipeline.ts | 24 +-------------------
 1 file changed, 1 insertion(+), 23 deletions(-)

diff --git a/packages/graphql-mesh-server/lib/pipeline.ts b/packages/graphql-mesh-server/lib/pipeline.ts
index 47a019ce..13466401 100644
--- a/packages/graphql-mesh-server/lib/pipeline.ts
+++ b/packages/graphql-mesh-server/lib/pipeline.ts
@@ -10,12 +10,7 @@ import * as path from "path";
 import * as YAML from "yaml";
 import { NodejsFunction } from "aws-cdk-lib/aws-lambda-nodejs";
 import { Runtime } from "aws-cdk-lib/aws-lambda";
-import {
-  Effect,
-  PolicyStatement,
-  Role,
-  ServicePrincipal,
-} from "aws-cdk-lib/aws-iam";
+import { Effect, PolicyStatement } from "aws-cdk-lib/aws-iam";
 import { Topic } from "aws-cdk-lib/aws-sns";
 import { LambdaSubscription } from "aws-cdk-lib/aws-sns-subscriptions";
 import {
@@ -118,22 +113,6 @@ export class CodePipelineService extends Construct {
         }),
       ],
     });
-
-    const tagECSPermission = new PolicyStatement({
-      sid: "AllowTaggingEcsResource",
-      actions: ["ecs:TagResource"],
-      resources: [
-        `arn:aws:ecs:${Stack.of(this).region}:*:task/${
-          props.service.cluster.clusterName
-        }/*`,
-      ],
-    });
-
-    const tagECSRole = new Role(this, "tagEcsRole", {
-      assumedBy: new ServicePrincipal("ecs-tasks.amazonaws.com"),
-    });
-    tagECSRole.addToPolicy(tagECSPermission);
-
     this.pipeline.addStage({
       stageName: "Deploy",
       actions: [
@@ -142,7 +121,6 @@ export class CodePipelineService extends Construct {
           service: props.service,
           input: buildOutput,
           deploymentTimeout: Duration.minutes(10),
-          role: tagECSRole,
         }),
       ],
     });