@AgentWrapperchecks…feat/worker-terraform → next23 files · +1525 −34updated 4mo agoAdds always-on worker service for fast workflow execution (~2s vs ~100s Fargate cold start).
common/worker.py - listens for workflows via pg_notifytask_mode: "worker" in workflow config/apply-stagingfeature_flags: {"task_mode": "worker"}🤖 Generated with Claude Code
Fixed all bugbot issues in latest commit:
/apply-staging
ℹ️ Note: The
Plan: 4 to add, 4 to change, 4 to destroy.output is always expected due to a known Terraform AWS provider issue. ECS task definitions show asmust be replacedon every plan because the provider stores container definitions in a different order than AWS returns them. This is cosmetic only - real changes (new images, env vars) are still detected correctly.
module.doppler_aws_secrets.data.external.env_vars: Reading...
module.github_actions_role.data.tls_certificate.github: Reading...
module.rds.random_password.readonly[0]: Refreshing state... [id=none]
module.rds.random_password.master[0]: Refreshing state... [id=none]
module.doppler_aws_secrets.doppler_environment.config: Refreshing state... [id=integrator.staging]
module.datadog_log_pipeline.datadog_apm_retention_filter.error_traces: Refreshing state... [id=h17q4OSSSEie8lqpAgBYyw]
module.datadog_log_pipeline.datadog_apm_retention_filter.llmobs_traces: Refreshing state... [id=-mP2s46hR6yaYgMyEICDtg]
module.datadog_log_pipeline.datadog_logs_index.integrator: Refreshing state... [id=integrator-staging]
module.github_actions_role.data.tls_certificate.github: Read complete after 0s [id=772ed8785f2c647baa040d3a1b4aa6cafacb6267]
module.datadog_log_pipeline.datadog_logs_custom_pipeline.integrator_json: Refreshing state... [id=Hfi5qZBoQXq00jWU_RovcA]
module.doppler_aws_secrets.aws_iam_role.doppler_secrets_manager: Refreshing state... [id=integrator-staging-doppler-secrets-manager-role]
module.ecs_api.data.aws_vpc.selected: Reading...
module.ecs_api.aws_cloudwatch_log_group.worker_logs: Refreshing state... [id=/ecs/integrator/staging/worker]
data.aws_vpc.default: Reading...
module.github_actions_role.data.aws_caller_identity.current: Reading...
data.aws_iam_openid_connect_provider.github: Reading...
module.github_actions_role.data.aws_caller_identity.current: Read complete after 0s [id=256586139593]
module.rds.data.aws_region.current: Reading...
module.rds.data.aws_region.current: Read complete after 0s [id=us-east-1]
module.ecs_api.aws_cloudwatch_log_group.migrations_logs: Refreshing state... [id=/ecs/integrator/staging/migrations]
module.ecs_api.aws_cloudwatch_log_group.poller_logs: Refreshing state... [id=/ecs/integrator/staging/poller]
module.artifacts_bucket.aws_s3_bucket.this: Refreshing state... [id=integrator-artifacts-staging]
data.aws_iam_openid_connect_provider.github: Read complete after 1s [id=arn:aws:iam::256586139593:oidc-provider/token.actions.githubusercontent.com]
module.doppler_aws_secrets.data.external.env_vars: Read complete after 1s [id=-]
module.ai_agent_debugging_role.data.aws_caller_identity.current: Reading...
module.ecs_api.aws_iam_policy.ecs_exec: Refreshing state... [id=arn:aws:iam::256586139593:policy/integrator-staging-api-ecs-exec-policy]
module.ecs_api.aws_cloudwatch_log_group.api_logs: Refreshing state... [id=/ecs/integrator/staging/api]
module.knowledge_bucket.aws_s3_bucket.this: Refreshing state... [id=integrator-knowledge-staging]
module.ai_agent_debugging_role.data.aws_caller_identity.current: Read complete after 0s [id=256586139593]
module.ecs_api.data.aws_ecr_repository.api[0]: Reading...
module.rds.aws_db_parameter_group.main: Refreshing state... [id=integrator-staging-postgres-20251121173128166300000001]
module.doppler_aws_secrets.aws_iam_policy.doppler_secrets_manager: Refreshing state... [id=arn:aws:iam::256586139593:policy/integrator-staging-doppler-secrets-manager-policy]
module.rds.aws_secretsmanager_secret.master_password[0]: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:256586139593:secret:integrator/staging/rds-master-password-4QWym0]
module.rds.aws_secretsmanager_secret.readonly_password[0]: Refreshing state... [id=integrator/staging/rds-readonly-password]
data.aws_caller_identity.current: Reading...
data.aws_caller_identity.current: Read complete after 0s [id=256586139593]
module.ecs_api.aws_iam_role.api_task: Refreshing state... [id=integrator-staging-api-task-role]
module.ecs_api.data.aws_caller_identity.current: Reading...
module.ecs_api.data.aws_ecs_cluster.default: Reading...
module.ecs_api.aws_iam_policy.api_s3_access: Refreshing state... [id=arn:aws:iam::256586139593:policy/integrator-staging-api-s3-access-policy]
module.ecs_api.data.aws_caller_identity.current: Read complete after 0s [id=256586139593]
module.ecs_api.aws_iam_role.api_task_execution: Refreshing state... [id=integrator-staging-api-task-execution-role]
module.doppler_aws_secrets.data.doppler_secrets.existing: Reading...
module.ecs_api.data.aws_ecs_cluster.default: Read complete after 0s [id=arn:aws:ecs:us-east-1:256586139593:cluster/default]
module.doppler_aws_secrets.doppler_integration_aws_secrets_manager.integration: Refreshing state... [id=44a390e7-e35d-44e3-a573-6476e776f406]
module.ai_agent_debugging_role.aws_iam_role.ai_agent_debugging: Refreshing state... [id=integrator-ai-agent-debugging-staging]
module.rds.aws_secretsmanager_secret_version.readonly_password[0]: Refreshing state... [id=integrator/staging/rds-readonly-password|terraform-20260115132739255000000001]
module.rds.aws_secretsmanager_secret_version.master_password[0]: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:256586139593:secret:integrator/staging/rds-master-password-4QWym0|terraform-20251128130346365300000002]
module.doppler_aws_secrets.aws_iam_role_policy_attachment.doppler_secrets_manager: Refreshing state... [id=integrator-staging-doppler-secrets-manager-role-20251117112527179200000001]
module.ecs_api.aws_iam_role_policy_attachment.api_ecs_exec: Refreshing state... [id=integrator-staging-api-task-role-20260110152557084500000001]
module.github_actions_role.aws_iam_role.github_actions: Refreshing state... [id=integrator-github-actions-staging]
data.aws_vpc.default: Read complete after 1s [id=vpc-0529dea5160deb846]
module.ecs_api.aws_iam_role_policy_attachment.api_s3_access: Refreshing state... [id=integrator-staging-api-task-role-20260120083935976400000001]
module.ecs_api.data.aws_vpc.selected: Read complete after 1s [id=vpc-0529dea5160deb846]
module.artifacts_bucket.aws_s3_bucket_lifecycle_configuration.this: Refreshing state... [id=integrator-artifacts-staging]
module.artifacts_bucket.aws_s3_bucket_server_side_encryption_configuration.this: Refreshing state... [id=integrator-artifacts-staging]
module.artifacts_bucket.aws_s3_bucket_public_access_block.this: Refreshing state... [id=integrator-artifacts-staging]
module.doppler_aws_secrets.data.doppler_secrets.existing: Read complete after 0s [id=integrator.staging]
module.ecs_api.aws_iam_role_policy_attachment.api_task_execution: Refreshing state... [id=integrator-staging-api-task-execution-role-20251121173131958900000005]
data.aws_subnets.public: Reading...
module.ecs_api.aws_security_group.alb: Refreshing state... [id=sg-0f268d8e0027eaad9]
module.ecs_api.aws_lb_target_group.api: Refreshing state... [id=arn:aws:elasticloadbalancing:us-east-1:256586139593:targetgroup/integrator-staging-api-tg/4ebc38c1a3c18f91]
module.ecs_api.data.aws_subnets.public: Reading...
module.doppler_aws_secrets.doppler_secret.secrets["ENCRYPTION_KEY"]: Refreshing state... [id=integrator.staging.ENCRYPTION_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["COMPOSIO_INSTACART_API_KEY"]: Refreshing state... [id=integrator.staging.COMPOSIO_INSTACART_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["ANTHROPIC_API_KEY"]: Refreshing state... [id=integrator.staging.ANTHROPIC_API_KEY]
data.aws_subnets.public: Read complete after 0s [id=us-east-1]
module.doppler_aws_secrets.doppler_secret.secrets["APOLLO_ADMIN_TOKEN"]: Refreshing state... [id=integrator.staging.APOLLO_ADMIN_TOKEN]
module.ecs_api.data.aws_subnets.public: Read complete after 0s [id=us-east-1]
module.doppler_aws_secrets.doppler_secret.secrets["TEST_CONNECTION_ID"]: Refreshing state... [id=integrator.staging.TEST_CONNECTION_ID]
module.ecs_api.data.aws_ecr_repository.api[0]: Read complete after 0s [id=integrator-api]
module.doppler_aws_secrets.doppler_secret.secrets["APOLLO_URL"]: Refreshing state... [id=integrator.staging.APOLLO_URL]
module.doppler_aws_secrets.doppler_secret.secrets["BRANDFETCH_API_KEY"]: Refreshing state... [id=integrator.staging.BRANDFETCH_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["SLACK_BOT_TOKEN"]: Refreshing state... [id=integrator.staging.SLACK_BOT_TOKEN]
module.doppler_aws_secrets.doppler_secret.secrets["COMPOSIO_YELP_API_KEY"]: Refreshing state... [id=integrator.staging.COMPOSIO_YELP_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["COMPOSIO_TAVILY_API_KEY"]: Refreshing state... [id=integrator.staging.COMPOSIO_TAVILY_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["LINEAR_API_KEY"]: Refreshing state... [id=integrator.staging.LINEAR_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["THERMOS_USERNAME"]: Refreshing state... [id=integrator.staging.THERMOS_USERNAME]
module.doppler_aws_secrets.doppler_secret.secrets["CLICKHOUSE_PASSWORD"]: Refreshing state... [id=integrator.staging.CLICKHOUSE_PASSWORD]
module.doppler_aws_secrets.doppler_secret.secrets["COMPOSIO_EXA_API_KEY"]: Refreshing state... [id=integrator.staging.COMPOSIO_EXA_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["GITHUB_ACCESS_TOKEN"]: Refreshing state... [id=integrator.staging.GITHUB_ACCESS_TOKEN]
module.doppler_aws_secrets.doppler_secret.secrets["ZAPIER_PATH"]: Refreshing state... [id=integrator.staging.ZAPIER_PATH]
module.doppler_aws_secrets.doppler_secret.secrets["GITHUB_REVIEWER_TOKEN"]: Refreshing state... [id=integrator.staging.GITHUB_REVIEWER_TOKEN]
module.doppler_aws_secrets.doppler_secret.secrets["USE_APOLLO_GET_DOWNLOAD_URL_API"]: Refreshing state... [id=integrator.staging.USE_APOLLO_GET_DOWNLOAD_URL_API]
module.doppler_aws_secrets.doppler_secret.secrets["LANGSMITH_TRACING"]: Refreshing state... [id=integrator.staging.LANGSMITH_TRACING]
module.doppler_aws_secrets.doppler_secret.secrets["THERMOS_PORT"]: Refreshing state... [id=integrator.staging.THERMOS_PORT]
module.doppler_aws_secrets.doppler_secret.secrets["CLICKHOUSE_USERNAME"]: Refreshing state... [id=integrator.staging.CLICKHOUSE_USERNAME]
module.doppler_aws_secrets.doppler_secret.secrets["WATCHDOG_MAX_FIXERS_PER_DAY"]: Refreshing state... [id=integrator.staging.WATCHDOG_MAX_FIXERS_PER_DAY]
module.doppler_aws_secrets.doppler_secret.secrets["THERMOS_HOST"]: Refreshing state... [id=integrator.staging.THERMOS_HOST]
module.doppler_aws_secrets.doppler_secret.secrets["DD_API_KEY"]: Refreshing state... [id=integrator.staging.DD_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["AZURE_OPENAI_ENDPOINT_URL"]: Refreshing state... [id=integrator.staging.AZURE_OPENAI_ENDPOINT_URL]
module.doppler_aws_secrets.doppler_secret.secrets["NOTION_API_KEY"]: Refreshing state... [id=integrator.staging.NOTION_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["WATCHDOG_BATCH_POLLER_DISABLED"]: Refreshing state... [id=integrator.staging.WATCHDOG_BATCH_POLLER_DISABLED]
module.doppler_aws_secrets.doppler_secret.secrets["TOOLS_DATABASE_URL"]: Refreshing state... [id=integrator.staging.TOOLS_DATABASE_URL]
module.doppler_aws_secrets.doppler_secret.secrets["LANGSMITH_ENDPOINT"]: Refreshing state... [id=integrator.staging.LANGSMITH_ENDPOINT]
module.doppler_aws_secrets.doppler_secret.secrets["COMPOSIO_WEBHOOK_SECRET"]: Refreshing state... [id=integrator.staging.COMPOSIO_WEBHOOK_SECRET]
module.doppler_aws_secrets.doppler_secret.secrets["COMPOSIO_GEMINI_API_KEY"]: Refreshing state... [id=integrator.staging.COMPOSIO_GEMINI_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["GROQ_API_KEY"]: Refreshing state... [id=integrator.staging.GROQ_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["COMPOSIO_SERPAPI_API_KEY"]: Refreshing state... [id=integrator.staging.COMPOSIO_SERPAPI_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["TWITTER_API_SECRET"]: Refreshing state... [id=integrator.staging.TWITTER_API_SECRET]
module.doppler_aws_secrets.doppler_secret.secrets["DISABLE_MERCURY_CLEANUP"]: Refreshing state... [id=integrator.staging.DISABLE_MERCURY_CLEANUP]
module.doppler_aws_secrets.doppler_secret.secrets["THERMOS_DATABASE"]: Refreshing state... [id=integrator.staging.THERMOS_DATABASE]
module.doppler_aws_secrets.doppler_secret.secrets["TWITTER_API_KEY"]: Refreshing state... [id=integrator.staging.TWITTER_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["BACKEND_READONLY_URL"]: Refreshing state... [id=integrator.staging.BACKEND_READONLY_URL]
module.doppler_aws_secrets.doppler_secret.secrets["AZURE_OPENAI_SUBSCRIPTION_KEY"]: Refreshing state... [id=integrator.staging.AZURE_OPENAI_SUBSCRIPTION_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["FIRECRAWL_API_KEY"]: Refreshing state... [id=integrator.staging.FIRECRAWL_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["STATSD_METRICS_FLUSH_WAIT_TIME_SECS"]: Refreshing state... [id=integrator.staging.STATSD_METRICS_FLUSH_WAIT_TIME_SECS]
module.doppler_aws_secrets.doppler_secret.secrets["COMPOSIO_API_KEY"]: Refreshing state... [id=integrator.staging.COMPOSIO_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["THERMOS_PASSWORD"]: Refreshing state... [id=integrator.staging.THERMOS_PASSWORD]
module.doppler_aws_secrets.doppler_secret.secrets["OPENAI_API_KEY"]: Refreshing state... [id=integrator.staging.OPENAI_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["HELICONE_API_KEY"]: Refreshing state... [id=integrator.staging.HELICONE_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["MERCURY_AUTOLOAD"]: Refreshing state... [id=integrator.staging.MERCURY_AUTOLOAD]
module.doppler_aws_secrets.doppler_secret.secrets["LANGSMITH_API_KEY"]: Refreshing state... [id=integrator.staging.LANGSMITH_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["PERPLEXITY_API_KEY"]: Refreshing state... [id=integrator.staging.PERPLEXITY_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["PYTHONPATH"]: Refreshing state... [id=integrator.staging.PYTHONPATH]
module.doppler_aws_secrets.doppler_secret.secrets["COMPOSIO_STAGING_ADMIN_TOKEN"]: Refreshing state... [id=integrator.staging.COMPOSIO_STAGING_ADMIN_TOKEN]
module.doppler_aws_secrets.doppler_secret.secrets["ANCHOR_API_KEY"]: Refreshing state... [id=integrator.staging.ANCHOR_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["COMPOSIO_ADMIN_TOKEN"]: Refreshing state... [id=integrator.staging.COMPOSIO_ADMIN_TOKEN]
module.doppler_aws_secrets.doppler_secret.secrets["VERCEL_AI_GATEWAY_API_KEY"]: Refreshing state... [id=integrator.staging.VERCEL_AI_GATEWAY_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["COMPOSIO_STAGING_API_KEY"]: Refreshing state... [id=integrator.staging.COMPOSIO_STAGING_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["COMPOSIO_SEATGEEK_KEY"]: Refreshing state... [id=integrator.staging.COMPOSIO_SEATGEEK_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["PIPEDREAM_PATH"]: Refreshing state... [id=integrator.staging.PIPEDREAM_PATH]
module.knowledge_bucket.aws_s3_bucket_lifecycle_configuration.this: Refreshing state... [id=integrator-knowledge-staging]
module.knowledge_bucket.aws_s3_bucket_server_side_encryption_configuration.this: Refreshing state... [id=integrator-knowledge-staging]
module.knowledge_bucket.aws_s3_bucket_public_access_block.this: Refreshing state... [id=integrator-knowledge-staging]
module.knowledge_bucket.aws_s3_bucket_versioning.this[0]: Refreshing state... [id=integrator-knowledge-staging]
module.rds.data.aws_vpc.selected: Reading...
module.ecs_api.aws_security_group.api: Refreshing state... [id=sg-06a8634c658cb6242]
module.github_actions_role.aws_iam_role_policy.cloudwatch_logs: Refreshing state... [id=integrator-github-actions-staging:integrator-github-actions-staging-cloudwatch-logs-policy]
module.github_actions_role.aws_iam_role_policy_attachment.terraform_admin[0]: Refreshing state... [id=integrator-github-actions-staging-20260115154744404400000001]
module.ai_agent_debugging_role.aws_iam_role_policy.rds_debugging: Refreshing state... [id=integrator-ai-agent-debugging-staging:integrator-ai-agent-debugging-staging-rds-policy]
module.ai_agent_debugging_role.aws_iam_role_policy.cloudwatch_logs_debugging: Refreshing state... [id=integrator-ai-agent-debugging-staging:integrator-ai-agent-debugging-staging-cloudwatch-logs-policy]
module.ai_agent_debugging_role.aws_iam_role_policy.ecr_debugging: Refreshing state... [id=integrator-ai-agent-debugging-staging:integrator-ai-agent-debugging-staging-ecr-policy]
module.ai_agent_debugging_role.aws_iam_role_policy.secrets_manager_debugging: Refreshing state... [id=integrator-ai-agent-debugging-staging:integrator-ai-agent-debugging-staging-secrets-manager-policy]
module.ai_agent_debugging_role.aws_iam_role_policy.deny_privilege_escalation: Refreshing state... [id=integrator-ai-agent-debugging-staging:integrator-ai-agent-debugging-staging-deny-privilege-escalation]
module.ai_agent_debugging_role.aws_iam_role_policy.alb_debugging: Refreshing state... [id=integrator-ai-agent-debugging-staging:integrator-ai-agent-debugging-staging-alb-policy]
module.ai_agent_debugging_role.aws_iam_role_policy.cloudwatch_metrics_debugging: Refreshing state... [id=integrator-ai-agent-debugging-staging:integrator-ai-agent-debugging-staging-cloudwatch-metrics-policy]
module.ai_agent_debugging_role.aws_iam_role_policy.s3_debugging: Refreshing state... [id=integrator-ai-agent-debugging-staging:integrator-ai-agent-debugging-staging-s3-policy]
module.ai_agent_debugging_role.aws_iam_role_policy.vpc_debugging: Refreshing state... [id=integrator-ai-agent-debugging-staging:integrator-ai-agent-debugging-staging-vpc-policy]
module.ai_agent_debugging_role.aws_iam_role_policy.iam_debugging: Refreshing state... [id=integrator-ai-agent-debugging-staging:integrator-ai-agent-debugging-staging-iam-policy]
module.ai_agent_debugging_role.aws_iam_role_policy.ecs_debugging: Refreshing state... [id=integrator-ai-agent-debugging-staging:integrator-ai-agent-debugging-staging-ecs-policy]
module.rds.aws_db_subnet_group.main: Refreshing state... [id=integrator-staging-db-subnet-group]
module.ecs_api.aws_lb.api: Refreshing state... [id=arn:aws:elasticloadbalancing:us-east-1:256586139593:loadbalancer/app/integrator-staging-alb/5e4f301bcd0263cb]
github_actions_secret.aws_role_arn: Refreshing state... [id=integrator:AWS_ROLE_ARN_STAGING]
github_actions_secret.ecs_subnets: Refreshing state... [id=integrator:ECS_SUBNETS_STAGING]
github_actions_secret.ecs_security_groups: Refreshing state... [id=integrator:ECS_SECURITY_GROUPS_STAGING]
module.doppler_aws_secrets.doppler_secrets_sync_aws_secrets_manager.sync: Refreshing state... [id=3cddcf0b-4014-410d-a552-88d3e5022617]
module.rds.data.aws_vpc.selected: Read complete after 0s [id=vpc-0529dea5160deb846]
module.rds.aws_security_group.rds: Refreshing state... [id=sg-0c78e576a056ba44a]
module.ecs_api.aws_lb_listener.http: Refreshing state... [id=arn:aws:elasticloadbalancing:us-east-1:256586139593:listener/app/integrator-staging-alb/5e4f301bcd0263cb/d7549a73fdd1a11a]
module.doppler_aws_secrets.null_resource.wait_for_secrets: Refreshing state... [id=4989053128215798288]
module.doppler_aws_secrets.data.aws_secretsmanager_secrets.synced: Reading...
module.rds.aws_db_instance.main: Refreshing state... [id=db-I57KURHD3UXFT56QM2OTWRW7TQ]
module.doppler_aws_secrets.data.aws_secretsmanager_secrets.synced: Read complete after 0s [id=us-east-1]
module.rds.null_resource.create_readonly_user[0]: Refreshing state... [id=3885368352693534014]
module.ecs_api.aws_ecs_task_definition.migrations: Refreshing state... [id=integrator-staging-migrations]
module.ecs_background_runner.data.aws_caller_identity.current: Reading...
module.ecs_background_runner.aws_iam_policy.s3_knowledge_access: Refreshing state... [id=arn:aws:iam::256586139593:policy/integrator-staging-s3-knowledge-access]
module.ecs_background_runner.aws_cloudwatch_log_group.ecs_task_events: Refreshing state... [id=/aws/events/integrator/staging/ecs-task-state-change]
module.ecs_background_runner.data.aws_ecs_cluster.default[0]: Reading...
module.ecs_background_runner.aws_iam_role.task_execution: Refreshing state... [id=integrator-staging-ecs-task-execution-role]
module.ecs_background_runner.data.aws_ecr_repository.background_runner[0]: Reading...
module.ecs_background_runner.aws_cloudwatch_log_group.task_logs: Refreshing state... [id=/ecs/integrator/staging/background-runner]
module.ecs_background_runner.data.aws_caller_identity.current: Read complete after 0s [id=256586139593]
module.ecs_background_runner.aws_iam_role.task: Refreshing state... [id=integrator-staging-ecs-task-role]
module.ecs_background_runner.aws_iam_policy.ecs_exec: Refreshing state... [id=arn:aws:iam::256586139593:policy/integrator-staging-ecs-exec-policy]
module.ecs_background_runner.aws_iam_policy.secrets_manager_access: Refreshing state... [id=arn:aws:iam::256586139593:policy/integrator-staging-ecs-secrets-access]
module.ecs_api.aws_iam_policy.api_secrets_access: Refreshing state... [id=arn:aws:iam::256586139593:policy/integrator-staging-api-secrets-access]
module.ecs_background_runner.data.aws_ecs_cluster.default[0]: Read complete after 0s [id=arn:aws:ecs:us-east-1:256586139593:cluster/default]
module.ecs_background_runner.aws_cloudwatch_event_rule.ecs_task_state_change: Refreshing state... [id=integrator-staging-ecs-task-state-change]
module.ecs_api.aws_ecs_task_definition.poller: Refreshing state... [id=integrator-staging-poller]
module.ecs_api.aws_ecs_service.poller: Refreshing state... [id=arn:aws:ecs:us-east-1:256586139593:service/default/integrator-staging-poller]
module.ecs_background_runner.aws_iam_role_policy_attachment.s3_knowledge_access: Refreshing state... [id=integrator-staging-ecs-task-role-20260110152558095500000002]
module.ecs_background_runner.aws_iam_role_policy_attachment.task_execution: Refreshing state... [id=integrator-staging-ecs-task-execution-role-20251121173130862100000002]
module.ecs_background_runner.aws_iam_role_policy_attachment.secrets_access: Refreshing state... [id=integrator-staging-ecs-task-execution-role-20251121173131402400000003]
module.ecs_background_runner.aws_iam_role_policy_attachment.ecs_exec: Refreshing state... [id=integrator-staging-ecs-task-role-20251121173131775000000004]
module.ecs_api.aws_iam_role_policy_attachment.api_secrets_access: Refreshing state... [id=integrator-staging-api-task-execution-role-20251127102440078700000001]
module.ecs_background_runner.aws_cloudwatch_event_target.ecs_task_state_change_logs: Refreshing state... [id=integrator-staging-ecs-task-state-change-LogTaskStateChanges]
module.ecs_background_runner.data.aws_ecr_repository.background_runner[0]: Read complete after 1s [id=integrator-background-runner]
module.github_actions_role.aws_iam_role_policy.ecr: Refreshing state... [id=integrator-github-actions-staging:integrator-github-actions-staging-ecr-policy]
module.ecs_background_runner.aws_ecs_task_definition.background_runner: Refreshing state... [id=integrator-staging-background-runner]
module.ecs_api.aws_iam_policy.launch_background_runner: Refreshing state... [id=arn:aws:iam::256586139593:policy/integrator-staging-api-launch-tasks-policy]
module.ecs_api.aws_ecs_task_definition.worker: Refreshing state... [id=integrator-staging-worker]
module.ecs_api.aws_ecs_task_definition.api: Refreshing state... [id=integrator-staging-api]
module.ecs_api.aws_ecs_service.api: Refreshing state... [id=arn:aws:ecs:us-east-1:256586139593:service/default/integrator-staging-api]
module.ecs_api.aws_iam_role_policy_attachment.api_launch_tasks: Refreshing state... [id=integrator-staging-api-task-role-20251121182311833700000002]
module.ecs_api.aws_ecs_service.worker: Refreshing state... [id=arn:aws:ecs:us-east-1:256586139593:service/default/integrator-staging-worker]
module.github_actions_role.aws_iam_role_policy.ecs: Refreshing state... [id=integrator-github-actions-staging:integrator-github-actions-staging-ecs-policy]
Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
~ update in-place
-/+ destroy and then create replacement
Terraform will perform the following actions:
# module.ecs_api.aws_ecs_service.api will be updated in-place
~ resource "aws_ecs_service" "api" {
id = "arn:aws:ecs:us-east-1:256586139593:service/default/integrator-staging-api"
name = "integrator-staging-api"
tags = {
"Environment" = "staging"
"ManagedBy" = "Terraform"
"Name" = "integrator-staging-api-service"
}
~ task_definition = "arn:aws:ecs:us-east-1:256586139593:task-definition/integrator-staging-api:82" -> (known after apply)
# (16 unchanged attributes hidden)
# (4 unchanged blocks hidden)
}
# module.ecs_api.aws_ecs_service.poller will be updated in-place
~ resource "aws_ecs_service" "poller" {
id = "arn:aws:ecs:us-east-1:256586139593:service/default/integrator-staging-poller"
name = "integrator-staging-poller"
tags = {
"Environment" = "staging"
"ManagedBy" = "Terraform"
"Name" = "integrator-staging-poller-service"
}
~ task_definition = "arn:aws:ecs:us-east-1:256586139593:task-definition/integrator-staging-poller:68" -> (known after apply)
# (16 unchanged attributes hidden)
# (3 unchanged blocks hidden)
}
# module.ecs_api.aws_ecs_service.worker will be updated in-place
~ resource "aws_ecs_service" "worker" {
id = "arn:aws:ecs:us-east-1:256586139593:service/default/integrator-staging-worker"
name = "integrator-staging-worker"
tags = {
"Environment" = "staging"
"ManagedBy" = "Terraform"
"Name" = "integrator-staging-worker-service"
}
~ task_definition = "arn:aws:ecs:us-east-1:256586139593:task-definition/integrator-staging-worker:5" -> (known after apply)
# (16 unchanged attributes hidden)
# (3 unchanged blocks hidden)
}
# module.ecs_api.aws_ecs_task_definition.api must be replaced
-/+ resource "aws_ecs_task_definition" "api" {
~ arn = "arn:aws:ecs:us-east-1:256586139593:task-definition/integrator-staging-api:82" -> (known after apply)
~ arn_without_revision = "arn:aws:ecs:us-east-1:256586139593:task-definition/integrator-staging-api" -> (known after apply)
~ container_definitions = (sensitive value) # forces replacement
~ enable_fault_injection = false -> (known after apply)
~ id = "integrator-staging-api" -> (known after apply)
~ revision = 82 -> (known after apply)
tags = {
"Environment" = "staging"
"ManagedBy" = "Terraform"
"Name" = "integrator-staging-api"
}
# (10 unchanged attributes hidden)
}
# module.ecs_api.aws_ecs_task_definition.poller must be replaced
-/+ resource "aws_ecs_task_definition" "poller" {
~ arn = "arn:aws:ecs:us-east-1:256586139593:task-definition/integrator-staging-poller:68" -> (known after apply)
~ arn_without_revision = "arn:aws:ecs:us-east-1:256586139593:task-definition/integrator-staging-poller" -> (known after apply)
~ container_definitions = (sensitive value) # forces replacement
~ enable_fault_injection = false -> (known after apply)
~ id = "integrator-staging-poller" -> (known after apply)
~ revision = 68 -> (known after apply)
tags = {
"Environment" = "staging"
"ManagedBy" = "Terraform"
"Name" = "integrator-staging-poller"
}
# (10 unchanged attributes hidden)
}
# module.ecs_api.aws_ecs_task_definition.worker must be replaced
-/+ resource "aws_ecs_task_definition" "worker" {
~ arn = "arn:aws:ecs:us-east-1:256586139593:task-definition/integrator-staging-worker:5" -> (known after apply)
~ arn_without_revision = "arn:aws:ecs:us-east-1:256586139593:task-definition/integrator-staging-worker" -> (known after apply)
~ container_definitions = (sensitive value) # forces replacement
~ enable_fault_injection = false -> (known after apply)
~ id = "integrator-staging-worker" -> (known after apply)
~ revision = 5 -> (known after apply)
tags = {
"Environment" = "staging"
"ManagedBy" = "Terraform"
"Name" = "integrator-staging-worker"
}
# (10 unchanged attributes hidden)
}
# module.ecs_api.aws_iam_policy.launch_background_runner will be updated in-place
~ resource "aws_iam_policy" "launch_background_runner" {
id = "arn:aws:iam::256586139593:policy/integrator-staging-api-launch-tasks-policy"
name = "integrator-staging-api-launch-tasks-policy"
~ policy = jsonencode(
{
- Statement = [
- {
- Action = [
- "ecs:RunTask",
- "ecs:DescribeTasks",
- "ecs:StopTask",
- "ecs:ListTasks",
]
- Effect = "Allow"
- Resource = [
- "arn:aws:ecs:us-east-1:256586139593:task-definition/integrator-staging-background-runner:*",
- "arn:aws:ecs:us-east-1:256586139593:task/default/*",
]
},
- {
- Action = [
- "iam:PassRole",
]
- Condition = {
- StringEquals = {
- "iam:PassedToService" = "ecs-tasks.amazonaws.com"
}
}
- Effect = "Allow"
- Resource = [
- "arn:aws:iam::256586139593:role/integrator-staging-ecs-task-execution-role",
- "arn:aws:iam::256586139593:role/integrator-staging-ecs-task-role",
]
},
]
- Version = "2012-10-17"
}
) -> (known after apply)
tags = {
"Environment" = "staging"
"ManagedBy" = "Terraform"
"Name" = "integrator-staging-api-launch-tasks-policy"
}
# (6 unchanged attributes hidden)
}
# module.ecs_background_runner.aws_ecs_task_definition.background_runner must be replaced
-/+ resource "aws_ecs_task_definition" "background_runner" {
~ arn = "arn:aws:ecs:us-east-1:256586139593:task-definition/integrator-staging-background-runner:83" -> (known after apply)
~ arn_without_revision = "arn:aws:ecs:us-east-1:256586139593:task-definition/integrator-staging-background-runner" -> (known after apply)
~ container_definitions = (sensitive value) # forces replacement
~ enable_fault_injection = false -> (known after apply)
~ id = "integrator-staging-background-runner" -> (known after apply)
~ revision = 83 -> (known after apply)
tags = {
"Environment" = "staging"
"ManagedBy" = "Terraform"
"Name" = "integrator-staging-background-runner"
}
# (10 unchanged attributes hidden)
}
Plan: 4 to add, 4 to change, 4 to destroy.
Changes to Outputs:
~ api_task_definition_arn = "arn:aws:ecs:us-east-1:256586139593:task-definition/integrator-staging-api:82" -> (known after apply)
~ ecs_task_definition_arn = "arn:aws:ecs:us-east-1:256586139593:task-definition/integrator-staging-background-runner:83" -> (known after apply)
─────────────────────────────────────────────────────────────────────────────
Saved the plan to: tfplan
To perform exactly these actions, run the following command to apply:
terraform apply "tfplan"
🔵 Comment /apply-staging to apply these changes.
ℹ️ Note: The
Plan: 4 to add, 4 to change, 4 to destroy.output is always expected due to a known Terraform AWS provider issue. ECS task definitions show asmust be replacedon every plan because the provider stores container definitions in a different order than AWS returns them. This is cosmetic only - real changes (new images, env vars) are still detected correctly.
module.doppler_aws_secrets.data.external.env_vars: Reading...
module.rds.random_password.master[0]: Refreshing state... [id=none]
module.doppler_aws_secrets.doppler_environment.config: Refreshing state... [id=integrator.prod]
data.doppler_secrets.github: Reading...
module.github_actions_role.data.tls_certificate.github: Reading...
module.rds.tls_private_key.bastion[0]: Refreshing state... [id=b458af7b383ee8f3e3fcd9aeaac04b321158c3eb]
module.rds.random_password.readonly[0]: Refreshing state... [id=none]
module.github_actions_role.data.tls_certificate.github: Read complete after 0s [id=772ed8785f2c647baa040d3a1b4aa6cafacb6267]
module.doppler_aws_secrets.data.doppler_secrets.existing: Reading...
module.datadog_log_pipeline.datadog_apm_retention_filter.llmobs_traces: Refreshing state... [id=ZAg6PqW4QYS9vFG1VbVz-g]
module.datadog_log_pipeline.datadog_logs_index.integrator: Refreshing state... [id=integrator-prod]
module.datadog_log_pipeline.datadog_apm_retention_filter.error_traces: Refreshing state... [id=nUNRxvKsTYaNYc3mOIp8qQ]
module.datadog_log_pipeline.datadog_logs_custom_pipeline.integrator_json: Refreshing state... [id=Tr5j8R9oTUmYINowsAYAcw]
module.doppler_aws_secrets.data.external.env_vars: Read complete after 1s [id=-]
module.ecs_api.aws_ecr_repository.api[0]: Refreshing state... [id=integrator-api]
module.ai_agent_debugging_role.data.aws_caller_identity.current: Reading...
module.ecs_api.aws_cloudwatch_log_group.migrations_logs: Refreshing state... [id=/ecs/integrator/prod/migrations]
module.artifacts_bucket.aws_s3_bucket.this: Refreshing state... [id=integrator-artifacts-prod]
module.doppler_aws_secrets.data.doppler_secrets.existing: Read complete after 0s [id=integrator.prod]
module.rds.aws_iam_role.bastion[0]: Refreshing state... [id=integrator-prod-bastion-role]
module.ai_agent_debugging_role.data.aws_caller_identity.current: Read complete after 0s [id=256586139593]
module.private_subnets.data.aws_availability_zones.available: Reading...
module.private_subnets.data.aws_availability_zones.available: Read complete after 0s [id=us-east-1]
module.github_actions_role.aws_iam_openid_connect_provider.github[0]: Refreshing state... [id=arn:aws:iam::256586139593:oidc-provider/token.actions.githubusercontent.com]
module.ecs_api.aws_cloudwatch_log_group.poller_logs: Refreshing state... [id=/ecs/integrator/prod/poller]
data.doppler_secrets.github: Read complete after 1s [id=integrator.prod]
module.ecs_api.data.aws_ecs_cluster.default: Reading...
module.rds.aws_secretsmanager_secret.master_password[0]: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:256586139593:secret:integrator/prod/rds-master-password-eUwfvl]
module.rds.data.aws_ami.amazon_linux[0]: Reading...
module.ecs_api.data.aws_vpc.selected: Reading...
module.github_actions_role.data.aws_caller_identity.current: Reading...
module.github_actions_role.data.aws_caller_identity.current: Read complete after 0s [id=256586139593]
data.aws_caller_identity.current: Reading...
module.rds.data.aws_region.current: Reading...
module.rds.data.aws_region.current: Read complete after 0s [id=us-east-1]
module.rds.aws_key_pair.bastion[0]: Refreshing state... [id=integrator-prod-bastion-key]
module.ecs_api.data.aws_ecs_cluster.default: Read complete after 0s [id=arn:aws:ecs:us-east-1:256586139593:cluster/default]
module.rds.aws_secretsmanager_secret.bastion_ssh_key[0]: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:256586139593:secret:integrator/prod/bastion-ssh-key-1KH899]
data.aws_caller_identity.current: Read complete after 0s [id=256586139593]
module.knowledge_bucket.aws_s3_bucket.this: Refreshing state... [id=integrator-knowledge-prod]
module.rds.aws_secretsmanager_secret.readonly_password[0]: Refreshing state... [id=integrator/prod/rds-readonly-password]
module.doppler_aws_secrets.aws_iam_policy.doppler_secrets_manager: Refreshing state... [id=arn:aws:iam::256586139593:policy/integrator-prod-doppler-secrets-manager-policy]
module.rds.aws_db_parameter_group.main: Refreshing state... [id=integrator-prod-postgres-20251121153637932500000001]
module.ecs_api.aws_iam_policy.ecs_exec: Refreshing state... [id=arn:aws:iam::256586139593:policy/integrator-prod-api-ecs-exec-policy]
module.doppler_aws_secrets.aws_iam_role.doppler_secrets_manager: Refreshing state... [id=integrator-prod-doppler-secrets-manager-role]
module.ecs_api.aws_iam_role.api_task_execution: Refreshing state... [id=integrator-prod-api-task-execution-role]
module.ecs_api.aws_cloudwatch_log_group.api_logs: Refreshing state... [id=/ecs/integrator/prod/api]
module.rds.aws_iam_role.rds_monitoring[0]: Refreshing state... [id=integrator-prod-rds-monitoring-role]
module.ecs_api.aws_iam_role.api_task: Refreshing state... [id=integrator-prod-api-task-role]
module.ecs_api.data.aws_caller_identity.current: Reading...
module.ecs_api.data.aws_caller_identity.current: Read complete after 1s [id=256586139593]
module.private_subnets.data.aws_vpc.default: Reading...
module.ecs_api.data.aws_vpc.selected: Read complete after 1s [id=vpc-0529dea5160deb846]
module.ai_agent_debugging_role.aws_iam_role.ai_agent_debugging: Refreshing state... [id=integrator-ai-agent-debugging-prod]
module.rds.data.aws_ami.amazon_linux[0]: Read complete after 1s [id=ami-0724302e25d16f8f2]
module.ecs_api.aws_ecr_lifecycle_policy.api[0]: Refreshing state... [id=integrator-api]
github_actions_secret.gh_access_token: Refreshing state... [id=integrator:GH_ACCESS_TOKEN]
module.github_actions_role.aws_iam_role.github_actions: Refreshing state... [id=integrator-github-actions-prod]
module.rds.aws_iam_instance_profile.bastion[0]: Refreshing state... [id=integrator-prod-bastion-profile]
module.rds.aws_iam_role_policy_attachment.bastion_ssm[0]: Refreshing state... [id=integrator-prod-bastion-role-20251209065339934800000002]
module.datadog_dashboards.datadog_dashboard.cost[0]: Refreshing state... [id=sg9-zyk-4r7]
module.rds.aws_secretsmanager_secret_version.master_password[0]: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:256586139593:secret:integrator/prod/rds-master-password-eUwfvl|terraform-20260102104323671400000002]
module.rds.aws_secretsmanager_secret_version.bastion_ssh_key[0]: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:256586139593:secret:integrator/prod/bastion-ssh-key-1KH899|terraform-20251209070355334400000002]
module.rds.aws_secretsmanager_secret_version.readonly_password[0]: Refreshing state... [id=integrator/prod/rds-readonly-password|terraform-20260113102854430300000001]
module.artifacts_bucket.aws_s3_bucket_server_side_encryption_configuration.this: Refreshing state... [id=integrator-artifacts-prod]
module.artifacts_bucket.aws_s3_bucket_public_access_block.this: Refreshing state... [id=integrator-artifacts-prod]
module.doppler_aws_secrets.aws_iam_role_policy_attachment.doppler_secrets_manager: Refreshing state... [id=integrator-prod-doppler-secrets-manager-role-20251117114311112900000001]
module.artifacts_bucket.aws_s3_bucket_lifecycle_configuration.this: Refreshing state... [id=integrator-artifacts-prod]
module.doppler_aws_secrets.doppler_integration_aws_secrets_manager.integration: Refreshing state... [id=f8180e75-b756-44ea-94f0-ba14f3f34cf3]
module.ecs_api.aws_iam_role_policy_attachment.api_task_execution: Refreshing state... [id=integrator-prod-api-task-execution-role-20251119130129752900000001]
module.private_subnets.data.aws_vpc.default: Read complete after 0s [id=vpc-0529dea5160deb846]
module.ecs_api.data.aws_subnets.public: Reading...
module.ecs_api.aws_lb_target_group.api: Refreshing state... [id=arn:aws:elasticloadbalancing:us-east-1:256586139593:targetgroup/integrator-prod-api-tg/480bcba81e9b7bc4]
module.ecs_api.aws_security_group.alb: Refreshing state... [id=sg-01a98c3baf47519e1]
module.doppler_aws_secrets.doppler_secret.secrets["WATCHDOG_MAX_FIXERS_PER_DAY"]: Refreshing state... [id=integrator.prod.WATCHDOG_MAX_FIXERS_PER_DAY]
module.doppler_aws_secrets.doppler_secret.secrets["DD_API_KEY"]: Refreshing state... [id=integrator.prod.DD_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["LANGSMITH_TRACING"]: Refreshing state... [id=integrator.prod.LANGSMITH_TRACING]
module.doppler_aws_secrets.doppler_secret.secrets["COMPOSIO_EXA_API_KEY"]: Refreshing state... [id=integrator.prod.COMPOSIO_EXA_API_KEY]
module.ecs_api.data.aws_subnets.public: Read complete after 0s [id=us-east-1]
module.doppler_aws_secrets.doppler_secret.secrets["AZURE_OPENAI_ENDPOINT_URL"]: Refreshing state... [id=integrator.prod.AZURE_OPENAI_ENDPOINT_URL]
module.doppler_aws_secrets.doppler_secret.secrets["TEST_CONNECTION_ID"]: Refreshing state... [id=integrator.prod.TEST_CONNECTION_ID]
module.doppler_aws_secrets.doppler_secret.secrets["ANCHOR_API_KEY"]: Refreshing state... [id=integrator.prod.ANCHOR_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["COMPOSIO_YELP_API_KEY"]: Refreshing state... [id=integrator.prod.COMPOSIO_YELP_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["COMPOSIO_STAGING_API_KEY"]: Refreshing state... [id=integrator.prod.COMPOSIO_STAGING_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["CLICKHOUSE_USERNAME"]: Refreshing state... [id=integrator.prod.CLICKHOUSE_USERNAME]
module.doppler_aws_secrets.doppler_secret.secrets["GITHUB_REVIEWER_TOKEN"]: Refreshing state... [id=integrator.prod.GITHUB_REVIEWER_TOKEN]
module.doppler_aws_secrets.doppler_secret.secrets["COMPOSIO_SEATGEEK_KEY"]: Refreshing state... [id=integrator.prod.COMPOSIO_SEATGEEK_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["THERMOS_PORT"]: Refreshing state... [id=integrator.prod.THERMOS_PORT]
module.doppler_aws_secrets.doppler_secret.secrets["VERCEL_AI_GATEWAY_API_KEY"]: Refreshing state... [id=integrator.prod.VERCEL_AI_GATEWAY_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["APOLLO_ADMIN_TOKEN"]: Refreshing state... [id=integrator.prod.APOLLO_ADMIN_TOKEN]
module.doppler_aws_secrets.doppler_secret.secrets["COMPOSIO_ADMIN_TOKEN"]: Refreshing state... [id=integrator.prod.COMPOSIO_ADMIN_TOKEN]
module.doppler_aws_secrets.doppler_secret.secrets["NOTION_API_KEY"]: Refreshing state... [id=integrator.prod.NOTION_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["ENCRYPTION_KEY"]: Refreshing state... [id=integrator.prod.ENCRYPTION_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["TWITTER_API_KEY"]: Refreshing state... [id=integrator.prod.TWITTER_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["DISABLE_MERCURY_CLEANUP"]: Refreshing state... [id=integrator.prod.DISABLE_MERCURY_CLEANUP]
module.doppler_aws_secrets.doppler_secret.secrets["TOOLS_DATABASE_URL"]: Refreshing state... [id=integrator.prod.TOOLS_DATABASE_URL]
module.doppler_aws_secrets.doppler_secret.secrets["APOLLO_URL"]: Refreshing state... [id=integrator.prod.APOLLO_URL]
module.doppler_aws_secrets.doppler_secret.secrets["THERMOS_HOST"]: Refreshing state... [id=integrator.prod.THERMOS_HOST]
module.doppler_aws_secrets.doppler_secret.secrets["THERMOS_DATABASE"]: Refreshing state... [id=integrator.prod.THERMOS_DATABASE]
module.doppler_aws_secrets.doppler_secret.secrets["THERMOS_USERNAME"]: Refreshing state... [id=integrator.prod.THERMOS_USERNAME]
module.doppler_aws_secrets.doppler_secret.secrets["USE_APOLLO_GET_DOWNLOAD_URL_API"]: Refreshing state... [id=integrator.prod.USE_APOLLO_GET_DOWNLOAD_URL_API]
module.doppler_aws_secrets.doppler_secret.secrets["PYTHONPATH"]: Refreshing state... [id=integrator.prod.PYTHONPATH]
module.doppler_aws_secrets.doppler_secret.secrets["COMPOSIO_INSTACART_API_KEY"]: Refreshing state... [id=integrator.prod.COMPOSIO_INSTACART_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["GITHUB_ACCESS_TOKEN"]: Refreshing state... [id=integrator.prod.GITHUB_ACCESS_TOKEN]
module.doppler_aws_secrets.doppler_secret.secrets["OPENAI_API_KEY"]: Refreshing state... [id=integrator.prod.OPENAI_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["HELICONE_API_KEY"]: Refreshing state... [id=integrator.prod.HELICONE_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["LINEAR_API_KEY"]: Refreshing state... [id=integrator.prod.LINEAR_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["TWITTER_API_SECRET"]: Refreshing state... [id=integrator.prod.TWITTER_API_SECRET]
module.doppler_aws_secrets.doppler_secret.secrets["COMPOSIO_API_KEY"]: Refreshing state... [id=integrator.prod.COMPOSIO_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["WATCHDOG_BATCH_POLLER_DISABLED"]: Refreshing state... [id=integrator.prod.WATCHDOG_BATCH_POLLER_DISABLED]
module.doppler_aws_secrets.doppler_secret.secrets["MERCURY_AUTOLOAD"]: Refreshing state... [id=integrator.prod.MERCURY_AUTOLOAD]
module.doppler_aws_secrets.doppler_secret.secrets["THERMOS_PASSWORD"]: Refreshing state... [id=integrator.prod.THERMOS_PASSWORD]
module.doppler_aws_secrets.doppler_secret.secrets["COMPOSIO_STAGING_ADMIN_TOKEN"]: Refreshing state... [id=integrator.prod.COMPOSIO_STAGING_ADMIN_TOKEN]
module.doppler_aws_secrets.doppler_secret.secrets["PERPLEXITY_API_KEY"]: Refreshing state... [id=integrator.prod.PERPLEXITY_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["LANGSMITH_API_KEY"]: Refreshing state... [id=integrator.prod.LANGSMITH_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["STATSD_METRICS_FLUSH_WAIT_TIME_SECS"]: Refreshing state... [id=integrator.prod.STATSD_METRICS_FLUSH_WAIT_TIME_SECS]
module.doppler_aws_secrets.doppler_secret.secrets["PIPEDREAM_PATH"]: Refreshing state... [id=integrator.prod.PIPEDREAM_PATH]
module.doppler_aws_secrets.doppler_secret.secrets["CLICKHOUSE_PASSWORD"]: Refreshing state... [id=integrator.prod.CLICKHOUSE_PASSWORD]
module.doppler_aws_secrets.doppler_secret.secrets["FIRECRAWL_API_KEY"]: Refreshing state... [id=integrator.prod.FIRECRAWL_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["BRANDFETCH_API_KEY"]: Refreshing state... [id=integrator.prod.BRANDFETCH_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["ZAPIER_PATH"]: Refreshing state... [id=integrator.prod.ZAPIER_PATH]
module.doppler_aws_secrets.doppler_secret.secrets["COMPOSIO_GEMINI_API_KEY"]: Refreshing state... [id=integrator.prod.COMPOSIO_GEMINI_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["ANTHROPIC_API_KEY"]: Refreshing state... [id=integrator.prod.ANTHROPIC_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["LANGSMITH_ENDPOINT"]: Refreshing state... [id=integrator.prod.LANGSMITH_ENDPOINT]
module.doppler_aws_secrets.doppler_secret.secrets["GROQ_API_KEY"]: Refreshing state... [id=integrator.prod.GROQ_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["AZURE_OPENAI_SUBSCRIPTION_KEY"]: Refreshing state... [id=integrator.prod.AZURE_OPENAI_SUBSCRIPTION_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["BACKEND_READONLY_URL"]: Refreshing state... [id=integrator.prod.BACKEND_READONLY_URL]
module.doppler_aws_secrets.doppler_secret.secrets["COMPOSIO_WEBHOOK_SECRET"]: Refreshing state... [id=integrator.prod.COMPOSIO_WEBHOOK_SECRET]
module.doppler_aws_secrets.doppler_secret.secrets["COMPOSIO_TAVILY_API_KEY"]: Refreshing state... [id=integrator.prod.COMPOSIO_TAVILY_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["SLACK_BOT_TOKEN"]: Refreshing state... [id=integrator.prod.SLACK_BOT_TOKEN]
module.doppler_aws_secrets.doppler_secret.secrets["COMPOSIO_SERPAPI_API_KEY"]: Refreshing state... [id=integrator.prod.COMPOSIO_SERPAPI_API_KEY]
module.rds.aws_iam_role_policy_attachment.rds_monitoring[0]: Refreshing state... [id=integrator-prod-rds-monitoring-role-20251121100809599300000002]
module.ecs_api.aws_iam_role_policy_attachment.api_ecs_exec: Refreshing state... [id=integrator-prod-api-task-role-20260110143245125100000001]
module.knowledge_bucket.aws_s3_bucket_lifecycle_configuration.this: Refreshing state... [id=integrator-knowledge-prod]
module.knowledge_bucket.aws_s3_bucket_public_access_block.this: Refreshing state... [id=integrator-knowledge-prod]
module.knowledge_bucket.aws_s3_bucket_versioning.this[0]: Refreshing state... [id=integrator-knowledge-prod]
module.knowledge_bucket.aws_s3_bucket_server_side_encryption_configuration.this: Refreshing state... [id=integrator-knowledge-prod]
module.private_subnets.aws_route_table.private: Refreshing state... [id=rtb-0cec1fb4f58eaade7]
module.private_subnets.aws_subnet.private[0]: Refreshing state... [id=subnet-0c9ccc78412c4983e]
module.private_subnets.aws_subnet.private[1]: Refreshing state... [id=subnet-0e6efa013fe2ac723]
module.github_actions_role.aws_iam_role_policy.cloudwatch_logs: Refreshing state... [id=integrator-github-actions-prod:integrator-github-actions-prod-cloudwatch-logs-policy]
module.github_actions_role.aws_iam_role_policy_attachment.terraform_admin[0]: Refreshing state... [id=integrator-github-actions-prod-20260115155059879900000001]
module.ecs_api.aws_security_group.api: Refreshing state... [id=sg-0b340dddce9618955]
module.ai_agent_debugging_role.aws_iam_role_policy.secrets_manager_debugging: Refreshing state... [id=integrator-ai-agent-debugging-prod:integrator-ai-agent-debugging-prod-secrets-manager-policy]
module.ai_agent_debugging_role.aws_iam_role_policy.ecr_debugging: Refreshing state... [id=integrator-ai-agent-debugging-prod:integrator-ai-agent-debugging-prod-ecr-policy]
module.ai_agent_debugging_role.aws_iam_role_policy.s3_debugging: Refreshing state... [id=integrator-ai-agent-debugging-prod:integrator-ai-agent-debugging-prod-s3-policy]
module.ai_agent_debugging_role.aws_iam_role_policy.ecs_debugging: Refreshing state... [id=integrator-ai-agent-debugging-prod:integrator-ai-agent-debugging-prod-ecs-policy]
module.ai_agent_debugging_role.aws_iam_role_policy.alb_debugging: Refreshing state... [id=integrator-ai-agent-debugging-prod:integrator-ai-agent-debugging-prod-alb-policy]
module.ai_agent_debugging_role.aws_iam_role_policy.vpc_debugging: Refreshing state... [id=integrator-ai-agent-debugging-prod:integrator-ai-agent-debugging-prod-vpc-policy]
module.ai_agent_debugging_role.aws_iam_role_policy.cloudwatch_metrics_debugging: Refreshing state... [id=integrator-ai-agent-debugging-prod:integrator-ai-agent-debugging-prod-cloudwatch-metrics-policy]
module.ai_agent_debugging_role.aws_iam_role_policy.iam_debugging: Refreshing state... [id=integrator-ai-agent-debugging-prod:integrator-ai-agent-debugging-prod-iam-policy]
module.ai_agent_debugging_role.aws_iam_role_policy.deny_privilege_escalation: Refreshing state... [id=integrator-ai-agent-debugging-prod:integrator-ai-agent-debugging-prod-deny-privilege-escalation]
module.ai_agent_debugging_role.aws_iam_role_policy.cloudwatch_logs_debugging: Refreshing state... [id=integrator-ai-agent-debugging-prod:integrator-ai-agent-debugging-prod-cloudwatch-logs-policy]
module.ai_agent_debugging_role.aws_iam_role_policy.rds_debugging: Refreshing state... [id=integrator-ai-agent-debugging-prod:integrator-ai-agent-debugging-prod-rds-policy]
data.aws_vpc.default: Reading...
github_actions_secret.aws_role_arn: Refreshing state... [id=integrator:AWS_ROLE_ARN_PROD]
module.doppler_aws_secrets.doppler_secrets_sync_aws_secrets_manager.sync: Refreshing state... [id=dd32cab2-43b9-4982-8608-0d9e7ef07008]
module.ecs_api.aws_lb.api: Refreshing state... [id=arn:aws:elasticloadbalancing:us-east-1:256586139593:loadbalancer/app/integrator-prod-alb/a90df99d7efaafb4]
module.private_subnets.aws_route_table_association.private[1]: Refreshing state... [id=rtbassoc-004db5cb1a7f82fe4]
module.private_subnets.aws_route_table_association.private[0]: Refreshing state... [id=rtbassoc-0965ac73c1c272e6d]
module.rds.data.aws_vpc.selected: Reading...
module.rds.aws_security_group.rds_client[0]: Refreshing state... [id=sg-0a5f38e269947dd2b]
github_actions_secret.ecs_subnets: Refreshing state... [id=integrator:ECS_SUBNETS_PROD]
module.rds.aws_security_group.bastion[0]: Refreshing state... [id=sg-00fec6e131a7856da]
module.doppler_aws_secrets.null_resource.wait_for_secrets: Refreshing state... [id=204540429253022221]
module.rds.aws_db_subnet_group.main: Refreshing state... [id=integrator-prod-db-subnet-group]
module.doppler_aws_secrets.data.aws_secretsmanager_secrets.synced: Reading...
github_actions_secret.ecs_security_groups: Refreshing state... [id=integrator:ECS_SECURITY_GROUPS_PROD]
module.ecs_api.aws_lb_listener.http: Refreshing state... [id=arn:aws:elasticloadbalancing:us-east-1:256586139593:listener/app/integrator-prod-alb/a90df99d7efaafb4/0c03b8bc33aef8d0]
data.aws_vpc.default: Read complete after 0s [id=vpc-0529dea5160deb846]
data.aws_subnets.public: Reading...
module.clickhouse_privatelink.aws_security_group.clickhouse_vpce: Refreshing state... [id=sg-034330929d9d990c1]
data.aws_subnets.public: Read complete after 0s [id=us-east-1]
module.doppler_aws_secrets.data.aws_secretsmanager_secrets.synced: Read complete after 0s [id=us-east-1]
module.clickhouse_privatelink.aws_vpc_endpoint.clickhouse: Refreshing state... [id=vpce-042be8f500c67fba7]
module.rds.data.aws_vpc.selected: Read complete after 0s [id=vpc-0529dea5160deb846]
module.rds.aws_instance.bastion[0]: Refreshing state... [id=i-0342e072cbf34ad16]
module.rds.aws_security_group.rds: Refreshing state... [id=sg-0d7ecef877697558c]
module.rds.aws_db_instance.main: Refreshing state... [id=db-PPFVILK5DKEQIIFO47ASSRDD2A]
module.ecs_api.aws_iam_policy.api_secrets_access: Refreshing state... [id=arn:aws:iam::256586139593:policy/integrator-prod-api-secrets-access]
module.rds.null_resource.create_readonly_user[0]: Refreshing state... [id=1172274362782256699]
module.ecs_api.aws_ecs_task_definition.migrations: Refreshing state... [id=integrator-prod-migrations]
module.ecs_api.aws_ecs_task_definition.poller: Refreshing state... [id=integrator-prod-poller]
module.ecs_api.aws_iam_role_policy_attachment.api_secrets_access: Refreshing state... [id=integrator-prod-api-task-execution-role-20251127102314997400000001]
module.ecs_api.aws_ecs_service.poller: Refreshing state... [id=arn:aws:ecs:us-east-1:256586139593:service/default/integrator-prod-poller]
module.clickhouse_privatelink.clickhouse_service_private_endpoints_attachment.this: Refreshing state...
module.rds.aws_eip.bastion[0]: Refreshing state... [id=eipalloc-0e0ae9a6a950dc2d6]
module.ecs_background_runner.aws_iam_policy.s3_knowledge_access: Refreshing state... [id=arn:aws:iam::256586139593:policy/integrator-prod-s3-knowledge-access]
module.ecs_background_runner.data.aws_caller_identity.current: Reading...
module.ecs_background_runner.aws_iam_policy.ecs_exec: Refreshing state... [id=arn:aws:iam::256586139593:policy/integrator-prod-ecs-exec-policy]
module.ecs_background_runner.aws_iam_role.task: Refreshing state... [id=integrator-prod-ecs-task-role]
module.ecs_background_runner.aws_iam_role.task_execution: Refreshing state... [id=integrator-prod-ecs-task-execution-role]
module.ecs_background_runner.aws_cloudwatch_log_group.task_logs: Refreshing state... [id=/ecs/integrator/prod/background-runner]
module.ecs_background_runner.data.aws_caller_identity.current: Read complete after 0s [id=256586139593]
module.ecs_background_runner.aws_cloudwatch_log_group.ecs_task_events: Refreshing state... [id=/aws/events/integrator/prod/ecs-task-state-change]
module.ecs_background_runner.aws_ecs_cluster.cluster[0]: Refreshing state... [id=arn:aws:ecs:us-east-1:256586139593:cluster/default]
module.ecs_background_runner.aws_ecr_repository.background_runner[0]: Refreshing state... [id=integrator-background-runner]
module.ecs_background_runner.aws_iam_policy.secrets_manager_access: Refreshing state... [id=arn:aws:iam::256586139593:policy/integrator-prod-ecs-secrets-access]
module.ecs_background_runner.aws_cloudwatch_event_rule.ecs_task_state_change: Refreshing state... [id=integrator-prod-ecs-task-state-change]
module.github_actions_role.aws_iam_role_policy.ecr: Refreshing state... [id=integrator-github-actions-prod:integrator-github-actions-prod-ecr-policy]
module.ecs_background_runner.aws_ecr_lifecycle_policy.background_runner[0]: Refreshing state... [id=integrator-background-runner]
module.ecs_background_runner.aws_iam_role_policy_attachment.ecs_exec: Refreshing state... [id=integrator-prod-ecs-task-role-20251118121957970700000001]
module.ecs_background_runner.aws_iam_role_policy_attachment.s3_knowledge_access: Refreshing state... [id=integrator-prod-ecs-task-role-20260110150021566200000001]
module.ecs_background_runner.aws_iam_role_policy_attachment.task_execution: Refreshing state... [id=integrator-prod-ecs-task-execution-role-20251117132727612500000001]
module.ecs_background_runner.aws_iam_role_policy_attachment.secrets_access: Refreshing state... [id=integrator-prod-ecs-task-execution-role-20251117132727872900000002]
module.ecs_background_runner.aws_ecs_task_definition.background_runner: Refreshing state... [id=integrator-prod-background-runner]
module.ecs_background_runner.aws_cloudwatch_event_target.ecs_task_state_change_logs: Refreshing state... [id=integrator-prod-ecs-task-state-change-LogTaskStateChanges]
module.ecs_api.aws_iam_policy.launch_background_runner: Refreshing state... [id=arn:aws:iam::256586139593:policy/integrator-prod-api-launch-tasks-policy]
module.ecs_api.aws_ecs_task_definition.api: Refreshing state... [id=integrator-prod-api]
module.ecs_api.aws_ecs_service.api: Refreshing state... [id=arn:aws:ecs:us-east-1:256586139593:service/default/integrator-prod-api]
module.ecs_api.aws_iam_role_policy_attachment.api_launch_tasks: Refreshing state... [id=integrator-prod-api-task-role-20251119130129778400000002]
module.github_actions_role.aws_iam_role_policy.ecs: Refreshing state... [id=integrator-github-actions-prod:integrator-github-actions-prod-ecs-policy]
Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
+ create
~ update in-place
-/+ destroy and then create replacement
Terraform will perform the following actions:
# module.ecs_api.aws_cloudwatch_log_group.worker_logs will be created
+ resource "aws_cloudwatch_log_group" "worker_logs" {
+ arn = (known after apply)
+ id = (known after apply)
+ log_group_class = (known after apply)
+ name = "/ecs/integrator/prod/worker"
+ name_prefix = (known after apply)
+ retention_in_days = 7
+ skip_destroy = false
+ tags = {
+ "Environment" = "prod"
+ "ManagedBy" = "Terraform"
+ "Name" = "integrator-prod-worker-logs"
}
+ tags_all = {
+ "Environment" = "prod"
+ "ManagedBy" = "Terraform"
+ "Name" = "integrator-prod-worker-logs"
}
}
# module.ecs_api.aws_ecs_service.api will be updated in-place
~ resource "aws_ecs_service" "api" {
id = "arn:aws:ecs:us-east-1:256586139593:service/default/integrator-prod-api"
name = "integrator-prod-api"
tags = {
"Environment" = "prod"
"ManagedBy" = "Terraform"
"Name" = "integrator-prod-api-service"
}
~ task_definition = "arn:aws:ecs:us-east-1:256586139593:task-definition/integrator-prod-api:102" -> (known after apply)
# (16 unchanged attributes hidden)
# (4 unchanged blocks hidden)
}
# module.ecs_api.aws_ecs_service.poller will be updated in-place
~ resource "aws_ecs_service" "poller" {
id = "arn:aws:ecs:us-east-1:256586139593:service/default/integrator-prod-poller"
name = "integrator-prod-poller"
tags = {
"Environment" = "prod"
"ManagedBy" = "Terraform"
"Name" = "integrator-prod-poller-service"
}
~ task_definition = "arn:aws:ecs:us-east-1:256586139593:task-definition/integrator-prod-poller:87" -> (known after apply)
# (16 unchanged attributes hidden)
# (3 unchanged blocks hidden)
}
# module.ecs_api.aws_ecs_service.worker will be created
+ resource "aws_ecs_service" "worker" {
+ availability_zone_rebalancing = "DISABLED"
+ cluster = "arn:aws:ecs:us-east-1:256586139593:cluster/default"
+ deployment_maximum_percent = 200
+ deployment_minimum_healthy_percent = 100
+ desired_count = 1
+ enable_ecs_managed_tags = false
+ enable_execute_command = true
+ iam_role = (known after apply)
+ id = (known after apply)
+ launch_type = "FARGATE"
+ name = "integrator-prod-worker"
+ platform_version = (known after apply)
+ scheduling_strategy = "REPLICA"
+ tags = {
+ "Environment" = "prod"
+ "ManagedBy" = "Terraform"
+ "Name" = "integrator-prod-worker-service"
}
+ tags_all = {
+ "Environment" = "prod"
+ "ManagedBy" = "Terraform"
+ "Name" = "integrator-prod-worker-service"
}
+ task_definition = (known after apply)
+ triggers = (known after apply)
+ wait_for_steady_state = false
+ deployment_circuit_breaker {
+ enable = true
+ rollback = true
}
+ network_configuration {
+ assign_public_ip = true
+ security_groups = [
+ "sg-0b340dddce9618955",
]
+ subnets = [
+ "subnet-006a11f7b19901be1",
+ "subnet-013a9a6febbffa4af",
+ "subnet-0167a232e3ca0bda3",
+ "subnet-023ad462e398f7e71",
+ "subnet-031e32528629c9dc1",
+ "subnet-0d79b9a8cbdbe9216",
]
}
}
# module.ecs_api.aws_ecs_task_definition.api must be replaced
-/+ resource "aws_ecs_task_definition" "api" {
~ arn = "arn:aws:ecs:us-east-1:256586139593:task-definition/integrator-prod-api:102" -> (known after apply)
~ arn_without_revision = "arn:aws:ecs:us-east-1:256586139593:task-definition/integrator-prod-api" -> (known after apply)
~ container_definitions = (sensitive value) # forces replacement
~ enable_fault_injection = false -> (known after apply)
~ id = "integrator-prod-api" -> (known after apply)
~ revision = 102 -> (known after apply)
tags = {
"Environment" = "prod"
"ManagedBy" = "Terraform"
"Name" = "integrator-prod-api"
}
# (10 unchanged attributes hidden)
}
# module.ecs_api.aws_ecs_task_definition.poller must be replaced
-/+ resource "aws_ecs_task_definition" "poller" {
~ arn = "arn:aws:ecs:us-east-1:256586139593:task-definition/integrator-prod-poller:87" -> (known after apply)
~ arn_without_revision = "arn:aws:ecs:us-east-1:256586139593:task-definition/integrator-prod-poller" -> (known after apply)
~ container_definitions = (sensitive value) # forces replacement
~ enable_fault_injection = false -> (known after apply)
~ id = "integrator-prod-poller" -> (known after apply)
~ revision = 87 -> (known after apply)
tags = {
"Environment" = "prod"
"ManagedBy" = "Terraform"
"Name" = "integrator-prod-poller"
}
# (10 unchanged attributes hidden)
}
# module.ecs_api.aws_ecs_task_definition.worker will be created
+ resource "aws_ecs_task_definition" "worker" {
+ arn = (known after apply)
+ arn_without_revision = (known after apply)
+ container_definitions = (sensitive value)
+ cpu = "2048"
+ enable_fault_injection = (known after apply)
+ execution_role_arn = "arn:aws:iam::256586139593:role/integrator-prod-api-task-execution-role"
+ family = "integrator-prod-worker"
+ id = (known after apply)
+ memory = "12288"
+ network_mode = "awsvpc"
+ requires_compatibilities = [
+ "FARGATE",
]
+ revision = (known after apply)
+ skip_destroy = false
+ tags = {
+ "Environment" = "prod"
+ "ManagedBy" = "Terraform"
+ "Name" = "integrator-prod-worker"
}
+ tags_all = {
+ "Environment" = "prod"
+ "ManagedBy" = "Terraform"
+ "Name" = "integrator-prod-worker"
}
+ task_role_arn = "arn:aws:iam::256586139593:role/integrator-prod-api-task-role"
+ track_latest = false
}
# module.ecs_api.aws_iam_policy.api_s3_access will be created
+ resource "aws_iam_policy" "api_s3_access" {
+ arn = (known after apply)
+ attachment_count = (known after apply)
+ description = "Policy allowing API/Worker tasks to read/write S3 buckets (knowledge and artifacts)"
+ id = (known after apply)
+ name = "integrator-prod-api-s3-access-policy"
+ name_prefix = (known after apply)
+ path = "/"
+ policy = jsonencode(
{
+ Statement = [
+ {
+ Action = [
+ "s3:GetObject",
+ "s3:PutObject",
+ "s3:DeleteObject",
+ "s3:GetObjectVersion",
+ "s3:ListBucket",
]
+ Effect = "Allow"
+ Resource = [
+ "arn:aws:s3:::integrator-knowledge-*",
+ "arn:aws:s3:::integrator-knowledge-*/*",
+ "arn:aws:s3:::integrator-artifacts-*",
+ "arn:aws:s3:::integrator-artifacts-*/*",
]
},
]
+ Version = "2012-10-17"
}
)
+ policy_id = (known after apply)
+ tags = {
+ "Environment" = "prod"
+ "ManagedBy" = "Terraform"
+ "Name" = "integrator-prod-api-s3-access-policy"
}
+ tags_all = {
+ "Environment" = "prod"
+ "ManagedBy" = "Terraform"
+ "Name" = "integrator-prod-api-s3-access-policy"
}
}
# module.ecs_api.aws_iam_policy.launch_background_runner will be updated in-place
~ resource "aws_iam_policy" "launch_background_runner" {
id = "arn:aws:iam::256586139593:policy/integrator-prod-api-launch-tasks-policy"
name = "integrator-prod-api-launch-tasks-policy"
~ policy = jsonencode(
{
- Statement = [
- {
- Action = [
- "ecs:RunTask",
- "ecs:DescribeTasks",
- "ecs:StopTask",
- "ecs:ListTasks",
]
- Effect = "Allow"
- Resource = [
- "arn:aws:ecs:us-east-1:256586139593:task-definition/integrator-prod-background-runner:*",
- "arn:aws:ecs:us-east-1:256586139593:task/default/*",
]
},
- {
- Action = [
- "iam:PassRole",
]
- Condition = {
- StringEquals = {
- "iam:PassedToService" = "ecs-tasks.amazonaws.com"
}
}
- Effect = "Allow"
- Resource = [
- "arn:aws:iam::256586139593:role/integrator-prod-ecs-task-execution-role",
- "arn:aws:iam::256586139593:role/integrator-prod-ecs-task-role",
]
},
]
- Version = "2012-10-17"
}
) -> (known after apply)
tags = {
"Environment" = "prod"
"ManagedBy" = "Terraform"
"Name" = "integrator-prod-api-launch-tasks-policy"
}
# (6 unchanged attributes hidden)
}
# module.ecs_api.aws_iam_role_policy_attachment.api_s3_access will be created
+ resource "aws_iam_role_policy_attachment" "api_s3_access" {
+ id = (known after apply)
+ policy_arn = (known after apply)
+ role = "integrator-prod-api-task-role"
}
# module.ecs_background_runner.aws_ecs_task_definition.background_runner must be replaced
-/+ resource "aws_ecs_task_definition" "background_runner" {
~ arn = "arn:aws:ecs:us-east-1:256586139593:task-definition/integrator-prod-background-runner:117" -> (known after apply)
~ arn_without_revision = "arn:aws:ecs:us-east-1:256586139593:task-definition/integrator-prod-background-runner" -> (known after apply)
~ container_definitions = (sensitive value) # forces replacement
~ enable_fault_injection = false -> (known after apply)
~ id = "integrator-prod-background-runner" -> (known after apply)
~ revision = 117 -> (known after apply)
tags = {
"Environment" = "prod"
"ManagedBy" = "Terraform"
"Name" = "integrator-prod-background-runner"
}
# (10 unchanged attributes hidden)
}
# module.github_actions_role.aws_iam_role_policy.ecs will be updated in-place
~ resource "aws_iam_role_policy" "ecs" {
id = "integrator-github-actions-prod:integrator-github-actions-prod-ecs-policy"
name = "integrator-github-actions-prod-ecs-policy"
~ policy = jsonencode(
~ {
~ Statement = [
~ {
~ Resource = [
# (1 unchanged element hidden)
"arn:aws:ecs:us-east-1:256586139593:service/default/integrator-prod-poller",
+ "arn:aws:ecs:us-east-1:256586139593:service/default/integrator-prod-worker",
]
# (2 unchanged attributes hidden)
},
{
Action = [
"ecs:RunTask",
"ecs:DescribeTasks",
]
Effect = "Allow"
Resource = [
"arn:aws:ecs:us-east-1:256586139593:task-definition/*-migrations:*",
"arn:aws:ecs:us-east-1:256586139593:task/default/*",
]
},
# (2 unchanged elements hidden)
]
# (1 unchanged attribute hidden)
}
)
# (1 unchanged attribute hidden)
}
Plan: 8 to add, 4 to change, 3 to destroy.
Changes to Outputs:
~ api_task_definition_arn = "arn:aws:ecs:us-east-1:256586139593:task-definition/integrator-prod-api:102" -> (known after apply)
~ ecs_task_definition_arn = "arn:aws:ecs:us-east-1:256586139593:task-definition/integrator-prod-background-runner:117" -> (known after apply)
Warning: Argument is deprecated
with module.datadog_dashboards.datadog_dashboard.cost,
on ../../modules/datadog-dashboards/cost.tf line 16, in resource "datadog_dashboard" "cost":
16: default = "*"
Use `defaults` instead.
(and 7 more similar warnings elsewhere)
─────────────────────────────────────────────────────────────────────────────
Saved the plan to: tfplan
To perform exactly these actions, run the following command to apply:
terraform apply "tfplan"
⚠️ Production changes will be applied after merge to next branch.
...(earlier output truncated)...
Refreshing state... [id=integrator-knowledge-staging]
module.artifacts_bucket.aws_s3_bucket_public_access_block.this: Refreshing state... [id=integrator-artifacts-staging]
module.knowledge_bucket.aws_s3_bucket_lifecycle_configuration.this: Refreshing state... [id=integrator-knowledge-staging]
module.artifacts_bucket.aws_s3_bucket_lifecycle_configuration.this: Refreshing state... [id=integrator-artifacts-staging]
module.artifacts_bucket.aws_s3_bucket_server_side_encryption_configuration.this: Refreshing state... [id=integrator-artifacts-staging]
module.github_actions_role.aws_iam_role.github_actions: Refreshing state... [id=integrator-github-actions-staging]
module.ecs_api.data.aws_vpc.selected: Read complete after 0s [id=vpc-0529dea5160deb846]
module.ecs_api.aws_security_group.alb: Refreshing state... [id=sg-0f268d8e0027eaad9]
module.ecs_api.aws_lb_target_group.api: Refreshing state... [id=arn:aws:elasticloadbalancing:us-east-1:256586139593:targetgroup/integrator-staging-api-tg/4ebc38c1a3c18f91]
data.aws_vpc.default: Read complete after 0s [id=vpc-0529dea5160deb846]
module.ecs_api.data.aws_subnets.public: Reading...
data.aws_subnets.public: Reading...
module.ecs_api.aws_security_group.api: Refreshing state... [id=sg-06a8634c658cb6242]
module.rds.data.aws_vpc.selected: Reading...
module.ecs_api.data.aws_subnets.public: Read complete after 1s [id=us-east-1]
module.github_actions_role.aws_iam_role_policy.cloudwatch_logs: Refreshing state... [id=integrator-github-actions-staging:integrator-github-actions-staging-cloudwatch-logs-policy]
module.github_actions_role.aws_iam_role_policy_attachment.terraform_admin[0]: Refreshing state... [id=integrator-github-actions-staging-20260115154744404400000001]
data.aws_subnets.public: Read complete after 1s [id=us-east-1]
module.ai_agent_debugging_role.aws_iam_role_policy.secrets_manager_debugging: Refreshing state... [id=integrator-ai-agent-debugging-staging:integrator-ai-agent-debugging-staging-secrets-manager-policy]
module.doppler_aws_secrets.data.doppler_secrets.existing: Read complete after 1s [id=integrator.staging]
module.ai_agent_debugging_role.aws_iam_role_policy.ecs_debugging: Refreshing state... [id=integrator-ai-agent-debugging-staging:integrator-ai-agent-debugging-staging-ecs-policy]
module.ai_agent_debugging_role.aws_iam_role_policy.ecr_debugging: Refreshing state... [id=integrator-ai-agent-debugging-staging:integrator-ai-agent-debugging-staging-ecr-policy]
module.ai_agent_debugging_role.aws_iam_role_policy.deny_privilege_escalation: Refreshing state... [id=integrator-ai-agent-debugging-staging:integrator-ai-agent-debugging-staging-deny-privilege-escalation]
module.ai_agent_debugging_role.aws_iam_role_policy.s3_debugging: Refreshing state... [id=integrator-ai-agent-debugging-staging:integrator-ai-agent-debugging-staging-s3-policy]
module.ai_agent_debugging_role.aws_iam_role_policy.cloudwatch_metrics_debugging: Refreshing state... [id=integrator-ai-agent-debugging-staging:integrator-ai-agent-debugging-staging-cloudwatch-metrics-policy]
module.ai_agent_debugging_role.aws_iam_role_policy.rds_debugging: Refreshing state... [id=integrator-ai-agent-debugging-staging:integrator-ai-agent-debugging-staging-rds-policy]
module.ai_agent_debugging_role.aws_iam_role_policy.vpc_debugging: Refreshing state... [id=integrator-ai-agent-debugging-staging:integrator-ai-agent-debugging-staging-vpc-policy]
module.ai_agent_debugging_role.aws_iam_role_policy.cloudwatch_logs_debugging: Refreshing state... [id=integrator-ai-agent-debugging-staging:integrator-ai-agent-debugging-staging-cloudwatch-logs-policy]
module.ai_agent_debugging_role.aws_iam_role_policy.alb_debugging: Refreshing state... [id=integrator-ai-agent-debugging-staging:integrator-ai-agent-debugging-staging-alb-policy]
module.ai_agent_debugging_role.aws_iam_role_policy.iam_debugging: Refreshing state... [id=integrator-ai-agent-debugging-staging:integrator-ai-agent-debugging-staging-iam-policy]
github_actions_secret.aws_role_arn: Refreshing state... [id=integrator:AWS_ROLE_ARN_STAGING]
module.ecs_api.data.aws_ecr_repository.api[0]: Read complete after 1s [id=integrator-api]
module.doppler_aws_secrets.doppler_secret.secrets["TEST_CONNECTION_ID"]: Refreshing state... [id=integrator.staging.TEST_CONNECTION_ID]
module.doppler_aws_secrets.doppler_secret.secrets["TWITTER_API_KEY"]: Refreshing state... [id=integrator.staging.TWITTER_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["TWITTER_API_SECRET"]: Refreshing state... [id=integrator.staging.TWITTER_API_SECRET]
module.doppler_aws_secrets.doppler_secret.secrets["LANGSMITH_TRACING"]: Refreshing state... [id=integrator.staging.LANGSMITH_TRACING]
module.doppler_aws_secrets.doppler_secret.secrets["AZURE_OPENAI_SUBSCRIPTION_KEY"]: Refreshing state... [id=integrator.staging.AZURE_OPENAI_SUBSCRIPTION_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["LANGSMITH_ENDPOINT"]: Refreshing state... [id=integrator.staging.LANGSMITH_ENDPOINT]
module.doppler_aws_secrets.doppler_secret.secrets["USE_APOLLO_GET_DOWNLOAD_URL_API"]: Refreshing state... [id=integrator.staging.USE_APOLLO_GET_DOWNLOAD_URL_API]
module.rds.data.aws_vpc.selected: Read complete after 0s [id=vpc-0529dea5160deb846]
module.doppler_aws_secrets.doppler_secret.secrets["WATCHDOG_MAX_FIXERS_PER_DAY"]: Refreshing state... [id=integrator.staging.WATCHDOG_MAX_FIXERS_PER_DAY]
module.doppler_aws_secrets.doppler_secret.secrets["GITHUB_ACCESS_TOKEN"]: Refreshing state... [id=integrator.staging.GITHUB_ACCESS_TOKEN]
module.doppler_aws_secrets.doppler_secret.secrets["DISABLE_MERCURY_CLEANUP"]: Refreshing state... [id=integrator.staging.DISABLE_MERCURY_CLEANUP]
module.doppler_aws_secrets.doppler_secret.secrets["TOOLS_DATABASE_URL"]: Refreshing state... [id=integrator.staging.TOOLS_DATABASE_URL]
module.doppler_aws_secrets.doppler_secret.secrets["COMPOSIO_STAGING_API_KEY"]: Refreshing state... [id=integrator.staging.COMPOSIO_STAGING_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["APOLLO_ADMIN_TOKEN"]: Refreshing state... [id=integrator.staging.APOLLO_ADMIN_TOKEN]
module.doppler_aws_secrets.doppler_secret.secrets["GITHUB_REVIEWER_TOKEN"]: Refreshing state... [id=integrator.staging.GITHUB_REVIEWER_TOKEN]
module.doppler_aws_secrets.doppler_secret.secrets["THERMOS_PASSWORD"]: Refreshing state... [id=integrator.staging.THERMOS_PASSWORD]
module.doppler_aws_secrets.doppler_secret.secrets["PYTHONPATH"]: Refreshing state... [id=integrator.staging.PYTHONPATH]
module.doppler_aws_secrets.doppler_secret.secrets["COMPOSIO_ADMIN_TOKEN"]: Refreshing state... [id=integrator.staging.COMPOSIO_ADMIN_TOKEN]
module.doppler_aws_secrets.doppler_secret.secrets["COMPOSIO_WEBHOOK_SECRET"]: Refreshing state... [id=integrator.staging.COMPOSIO_WEBHOOK_SECRET]
module.doppler_aws_secrets.doppler_secret.secrets["WATCHDOG_BATCH_POLLER_DISABLED"]: Refreshing state... [id=integrator.staging.WATCHDOG_BATCH_POLLER_DISABLED]
module.doppler_aws_secrets.doppler_secret.secrets["MERCURY_AUTOLOAD"]: Refreshing state... [id=integrator.staging.MERCURY_AUTOLOAD]
module.doppler_aws_secrets.doppler_secret.secrets["THERMOS_USERNAME"]: Refreshing state... [id=integrator.staging.THERMOS_USERNAME]
module.doppler_aws_secrets.doppler_secret.secrets["ANCHOR_API_KEY"]: Refreshing state... [id=integrator.staging.ANCHOR_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["FIRECRAWL_API_KEY"]: Refreshing state... [id=integrator.staging.FIRECRAWL_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["PIPEDREAM_PATH"]: Refreshing state... [id=integrator.staging.PIPEDREAM_PATH]
module.doppler_aws_secrets.doppler_secret.secrets["BACKEND_READONLY_URL"]: Refreshing state... [id=integrator.staging.BACKEND_READONLY_URL]
module.doppler_aws_secrets.doppler_secret.secrets["THERMOS_HOST"]: Refreshing state... [id=integrator.staging.THERMOS_HOST]
module.doppler_aws_secrets.doppler_secret.secrets["COMPOSIO_STAGING_ADMIN_TOKEN"]: Refreshing state... [id=integrator.staging.COMPOSIO_STAGING_ADMIN_TOKEN]
module.doppler_aws_secrets.doppler_secret.secrets["THERMOS_DATABASE"]: Refreshing state... [id=integrator.staging.THERMOS_DATABASE]
module.doppler_aws_secrets.doppler_secret.secrets["STATSD_METRICS_FLUSH_WAIT_TIME_SECS"]: Refreshing state... [id=integrator.staging.STATSD_METRICS_FLUSH_WAIT_TIME_SECS]
module.doppler_aws_secrets.doppler_secret.secrets["ZAPIER_PATH"]: Refreshing state... [id=integrator.staging.ZAPIER_PATH]
module.doppler_aws_secrets.doppler_secret.secrets["BRANDFETCH_API_KEY"]: Refreshing state... [id=integrator.staging.BRANDFETCH_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["SLACK_BOT_TOKEN"]: Refreshing state... [id=integrator.staging.SLACK_BOT_TOKEN]
module.doppler_aws_secrets.doppler_secret.secrets["COMPOSIO_YELP_API_KEY"]: Refreshing state... [id=integrator.staging.COMPOSIO_YELP_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["THERMOS_PORT"]: Refreshing state... [id=integrator.staging.THERMOS_PORT]
module.doppler_aws_secrets.doppler_secret.secrets["NOTION_API_KEY"]: Refreshing state... [id=integrator.staging.NOTION_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["ANTHROPIC_API_KEY"]: Refreshing state... [id=integrator.staging.ANTHROPIC_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["COMPOSIO_SEATGEEK_KEY"]: Refreshing state... [id=integrator.staging.COMPOSIO_SEATGEEK_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["AZURE_OPENAI_ENDPOINT_URL"]: Refreshing state... [id=integrator.staging.AZURE_OPENAI_ENDPOINT_URL]
module.doppler_aws_secrets.doppler_secret.secrets["CLICKHOUSE_USERNAME"]: Refreshing state... [id=integrator.staging.CLICKHOUSE_USERNAME]
module.doppler_aws_secrets.doppler_secret.secrets["COMPOSIO_SERPAPI_API_KEY"]: Refreshing state... [id=integrator.staging.COMPOSIO_SERPAPI_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["LANGSMITH_API_KEY"]: Refreshing state... [id=integrator.staging.LANGSMITH_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["DD_API_KEY"]: Refreshing state... [id=integrator.staging.DD_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["HELICONE_API_KEY"]: Refreshing state... [id=integrator.staging.HELICONE_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["COMPOSIO_API_KEY"]: Refreshing state... [id=integrator.staging.COMPOSIO_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["OPENAI_API_KEY"]: Refreshing state... [id=integrator.staging.OPENAI_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["GROQ_API_KEY"]: Refreshing state... [id=integrator.staging.GROQ_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["APOLLO_URL"]: Refreshing state... [id=integrator.staging.APOLLO_URL]
module.doppler_aws_secrets.doppler_secret.secrets["VERCEL_AI_GATEWAY_API_KEY"]: Refreshing state... [id=integrator.staging.VERCEL_AI_GATEWAY_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["COMPOSIO_EXA_API_KEY"]: Refreshing state... [id=integrator.staging.COMPOSIO_EXA_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["COMPOSIO_GEMINI_API_KEY"]: Refreshing state... [id=integrator.staging.COMPOSIO_GEMINI_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["PERPLEXITY_API_KEY"]: Refreshing state... [id=integrator.staging.PERPLEXITY_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["LINEAR_API_KEY"]: Refreshing state... [id=integrator.staging.LINEAR_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["CLICKHOUSE_PASSWORD"]: Refreshing state... [id=integrator.staging.CLICKHOUSE_PASSWORD]
module.doppler_aws_secrets.doppler_secret.secrets["ENCRYPTION_KEY"]: Refreshing state... [id=integrator.staging.ENCRYPTION_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["COMPOSIO_INSTACART_API_KEY"]: Refreshing state... [id=integrator.staging.COMPOSIO_INSTACART_API_KEY]
module.doppler_aws_secrets.doppler_secret.secrets["COMPOSIO_TAVILY_API_KEY"]: Refreshing state... [id=integrator.staging.COMPOSIO_TAVILY_API_KEY]
module.ecs_api.aws_lb.api: Refreshing state... [id=arn:aws:elasticloadbalancing:us-east-1:256586139593:loadbalancer/app/integrator-staging-alb/5e4f301bcd0263cb]
module.rds.aws_db_subnet_group.main: Refreshing state... [id=integrator-staging-db-subnet-group]
module.rds.aws_security_group.rds: Refreshing state... [id=sg-0c78e576a056ba44a]
github_actions_secret.ecs_subnets: Refreshing state... [id=integrator:ECS_SUBNETS_STAGING]
github_actions_secret.ecs_security_groups: Refreshing state... [id=integrator:ECS_SECURITY_GROUPS_STAGING]
module.ecs_api.aws_lb_listener.http: Refreshing state... [id=arn:aws:elasticloadbalancing:us-east-1:256586139593:listener/app/integrator-staging-alb/5e4f301bcd0263cb/d7549a73fdd1a11a]
module.rds.aws_db_instance.main: Refreshing state... [id=db-I57KURHD3UXFT56QM2OTWRW7TQ]
module.rds.null_resource.create_readonly_user[0]: Refreshing state... [id=3885368352693534014]
module.ecs_api.aws_ecs_task_definition.migrations: Refreshing state... [id=integrator-staging-migrations]
module.doppler_aws_secrets.doppler_secrets_sync_aws_secrets_manager.sync: Refreshing state... [id=3cddcf0b-4014-410d-a552-88d3e5022617]
module.ecs_background_runner.data.aws_ecs_cluster.default[0]: Reading...
module.ecs_background_runner.data.aws_caller_identity.current: Reading...
module.ecs_background_runner.data.aws_ecr_repository.background_runner[0]: Reading...
module.ecs_background_runner.aws_iam_policy.ecs_exec: Refreshing state... [id=arn:aws:iam::256586139593:policy/integrator-staging-ecs-exec-policy]
module.ecs_background_runner.aws_iam_role.task: Refreshing state... [id=integrator-staging-ecs-task-role]
module.ecs_background_runner.aws_cloudwatch_log_group.task_logs: Refreshing state... [id=/ecs/integrator/staging/background-runner]
module.ecs_background_runner.aws_cloudwatch_log_group.ecs_task_events: Refreshing state... [id=/aws/events/integrator/staging/ecs-task-state-change]
module.ecs_background_runner.aws_iam_policy.s3_knowledge_access: Refreshing state... [id=arn:aws:iam::256586139593:policy/integrator-staging-s3-knowledge-access]
module.ecs_background_runner.data.aws_caller_identity.current: Read complete after 0s [id=256586139593]
module.ecs_background_runner.aws_iam_role.task_execution: Refreshing state... [id=integrator-staging-ecs-task-execution-role]
module.ecs_background_runner.data.aws_ecs_cluster.default[0]: Read complete after 0s [id=arn:aws:ecs:us-east-1:256586139593:cluster/default]
module.ecs_background_runner.aws_cloudwatch_event_rule.ecs_task_state_change: Refreshing state... [id=integrator-staging-ecs-task-state-change]
module.ecs_background_runner.aws_iam_role_policy_attachment.s3_knowledge_access: Refreshing state... [id=integrator-staging-ecs-task-role-20260110152558095500000002]
module.ecs_background_runner.aws_iam_role_policy_attachment.ecs_exec: Refreshing state... [id=integrator-staging-ecs-task-role-20251121173131775000000004]
module.ecs_background_runner.aws_iam_role_policy_attachment.task_execution: Refreshing state... [id=integrator-staging-ecs-task-execution-role-20251121173130862100000002]
module.doppler_aws_secrets.null_resource.wait_for_secrets: Refreshing state... [id=4989053128215798288]
module.ecs_background_runner.aws_iam_policy.secrets_manager_access: Refreshing state... [id=arn:aws:iam::256586139593:policy/integrator-staging-ecs-secrets-access]
module.doppler_aws_secrets.data.aws_secretsmanager_secrets.synced: Reading...
module.ecs_background_runner.aws_cloudwatch_event_target.ecs_task_state_change_logs: Refreshing state... [id=integrator-staging-ecs-task-state-change-LogTaskStateChanges]
module.ecs_background_runner.aws_iam_role_policy_attachment.secrets_access: Refreshing state... [id=integrator-staging-ecs-task-execution-role-20251121173131402400000003]
module.doppler_aws_secrets.data.aws_secretsmanager_secrets.synced: Read complete after 0s [id=us-east-1]
module.ecs_api.aws_iam_policy.api_secrets_access: Refreshing state... [id=arn:aws:iam::256586139593:policy/integrator-staging-api-secrets-access]
module.ecs_api.aws_ecs_task_definition.poller: Refreshing state... [id=integrator-staging-poller]
module.ecs_api.aws_ecs_service.poller: Refreshing state... [id=arn:aws:ecs:us-east-1:256586139593:service/default/integrator-staging-poller]
module.ecs_api.aws_iam_role_policy_attachment.api_secrets_access: Refreshing state... [id=integrator-staging-api-task-execution-role-20251127102440078700000001]
module.ecs_background_runner.data.aws_ecr_repository.background_runner[0]: Read complete after 0s [id=integrator-background-runner]
module.github_actions_role.aws_iam_role_policy.ecr: Refreshing state... [id=integrator-github-actions-staging:integrator-github-actions-staging-ecr-policy]
module.ecs_background_runner.aws_ecs_task_definition.background_runner: Refreshing state... [id=integrator-staging-background-runner]
module.ecs_api.aws_iam_policy.launch_background_runner: Refreshing state... [id=arn:aws:iam::256586139593:policy/integrator-staging-api-launch-tasks-policy]
module.ecs_api.aws_ecs_task_definition.api: Refreshing state... [id=integrator-staging-api]
module.ecs_api.aws_ecs_task_definition.worker: Refreshing state... [id=integrator-staging-worker]
module.ecs_api.aws_ecs_service.api: Refreshing state... [id=arn:aws:ecs:us-east-1:256586139593:service/default/integrator-staging-api]
module.ecs_api.aws_ecs_service.worker: Refreshing state... [id=arn:aws:ecs:us-east-1:256586139593:service/default/integrator-staging-worker]
module.ecs_api.aws_iam_role_policy_attachment.api_launch_tasks: Refreshing state... [id=integrator-staging-api-task-role-20251121182311833700000002]
module.github_actions_role.aws_iam_role_policy.ecs: Refreshing state... [id=integrator-github-actions-staging:integrator-github-actions-staging-ecs-policy]
Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
~ update in-place
-/+ destroy and then create replacement
Terraform will perform the following actions:
# module.ecs_api.aws_ecs_service.api will be updated in-place
~ resource "aws_ecs_service" "api" {
id = "arn:aws:ecs:us-east-1:256586139593:service/default/integrator-staging-api"
name = "integrator-staging-api"
tags = {
"Environment" = "staging"
"ManagedBy" = "Terraform"
"Name" = "integrator-staging-api-service"
}
~ task_definition = "arn:aws:ecs:us-east-1:256586139593:task-definition/integrator-staging-api:81" -> (known after apply)
# (16 unchanged attributes hidden)
# (4 unchanged blocks hidden)
}
# module.ecs_api.aws_ecs_service.poller will be updated in-place
~ resource "aws_ecs_service" "poller" {
id = "arn:aws:ecs:us-east-1:256586139593:service/default/integrator-staging-poller"
name = "integrator-staging-poller"
tags = {
"Environment" = "staging"
"ManagedBy" = "Terraform"
"Name" = "integrator-staging-poller-service"
}
~ task_definition = "arn:aws:ecs:us-east-1:256586139593:task-definition/integrator-staging-poller:67" -> (known after apply)
# (16 unchanged attributes hidden)
# (3 unchanged blocks hidden)
}
# module.ecs_api.aws_ecs_service.worker will be updated in-place
~ resource "aws_ecs_service" "worker" {
id = "arn:aws:ecs:us-east-1:256586139593:service/default/integrator-staging-worker"
name = "integrator-staging-worker"
tags = {
"Environment" = "staging"
"ManagedBy" = "Terraform"
"Name" = "integrator-staging-worker-service"
}
~ task_definition = "arn:aws:ecs:us-east-1:256586139593:task-definition/integrator-staging-worker:4" -> (known after apply)
# (16 unchanged attributes hidden)
# (3 unchanged blocks hidden)
}
# module.ecs_api.aws_ecs_task_definition.api must be replaced
-/+ resource "aws_ecs_task_definition" "api" {
~ arn = "arn:aws:ecs:us-east-1:256586139593:task-definition/integrator-staging-api:81" -> (known after apply)
~ arn_without_revision = "arn:aws:ecs:us-east-1:256586139593:task-definition/integrator-staging-api" -> (known after apply)
~ container_definitions = (sensitive value) # forces replacement
~ enable_fault_injection = false -> (known after apply)
~ id = "integrator-staging-api" -> (known after apply)
~ revision = 81 -> (known after apply)
tags = {
"Environment" = "staging"
"ManagedBy" = "Terraform"
"Name" = "integrator-staging-api"
}
# (10 unchanged attributes hidden)
}
# module.ecs_api.aws_ecs_task_definition.poller must be replaced
-/+ resource "aws_ecs_task_definition" "poller" {
~ arn = "arn:aws:ecs:us-east-1:256586139593:task-definition/integrator-staging-poller:67" -> (known after apply)
~ arn_without_revision = "arn:aws:ecs:us-east-1:256586139593:task-definition/integrator-staging-poller" -> (known after apply)
~ container_definitions = (sensitive value) # forces replacement
~ enable_fault_injection = false -> (known after apply)
~ id = "integrator-staging-poller" -> (known after apply)
~ revision = 67 -> (known after apply)
tags = {
"Environment" = "staging"
"ManagedBy" = "Terraform"
"Name" = "integrator-staging-poller"
}
# (10 unchanged attributes hidden)
}
# module.ecs_api.aws_ecs_task_definition.worker must be replaced
-/+ resource "aws_ecs_task_definition" "worker" {
~ arn = "arn:aws:ecs:us-east-1:256586139593:task-definition/integrator-staging-worker:4" -> (known after apply)
~ arn_without_revision = "arn:aws:ecs:us-east-1:256586139593:task-definition/integrator-staging-worker" -> (known after apply)
~ container_definitions = (sensitive value) # forces replacement
~ enable_fault_injection = false -> (known after apply)
~ id = "integrator-staging-worker" -> (known after apply)
~ revision = 4 -> (known after apply)
tags = {
"Environment" = "staging"
"ManagedBy" = "Terraform"
"Name" = "integrator-staging-worker"
}
# (10 unchanged attributes hidden)
}
# module.ecs_api.aws_iam_policy.launch_background_runner will be updated in-place
~ resource "aws_iam_policy" "launch_background_runner" {
id = "arn:aws:iam::256586139593:policy/integrator-staging-api-launch-tasks-policy"
name = "integrator-staging-api-launch-tasks-policy"
~ policy = jsonencode(
{
- Statement = [
- {
- Action = [
- "ecs:RunTask",
- "ecs:DescribeTasks",
- "ecs:StopTask",
- "ecs:ListTasks",
]
- Effect = "Allow"
- Resource = [
- "arn:aws:ecs:us-east-1:256586139593:task-definition/integrator-staging-background-runner:*",
- "arn:aws:ecs:us-east-1:256586139593:task/default/*",
]
},
- {
- Action = [
- "iam:PassRole",
]
- Condition = {
- StringEquals = {
- "iam:PassedToService" = "ecs-tasks.amazonaws.com"
}
}
- Effect = "Allow"
- Resource = [
- "arn:aws:iam::256586139593:role/integrator-staging-ecs-task-execution-role",
- "arn:aws:iam::256586139593:role/integrator-staging-ecs-task-role",
]
},
]
- Version = "2012-10-17"
}
) -> (known after apply)
tags = {
"Environment" = "staging"
"ManagedBy" = "Terraform"
"Name" = "integrator-staging-api-launch-tasks-policy"
}
# (6 unchanged attributes hidden)
}
# module.ecs_background_runner.aws_ecs_task_definition.background_runner must be replaced
-/+ resource "aws_ecs_task_definition" "background_runner" {
~ arn = "arn:aws:ecs:us-east-1:256586139593:task-definition/integrator-staging-background-runner:82" -> (known after apply)
~ arn_without_revision = "arn:aws:ecs:us-east-1:256586139593:task-definition/integrator-staging-background-runner" -> (known after apply)
~ container_definitions = (sensitive value) # forces replacement
~ enable_fault_injection = false -> (known after apply)
~ id = "integrator-staging-background-runner" -> (known after apply)
~ revision = 82 -> (known after apply)
tags = {
"Environment" = "staging"
"ManagedBy" = "Terraform"
"Name" = "integrator-staging-background-runner"
}
# (10 unchanged attributes hidden)
}
Plan: 4 to add, 4 to change, 4 to destroy.
Changes to Outputs:
~ api_task_definition_arn = "arn:aws:ecs:us-east-1:256586139593:task-definition/integrator-staging-api:81" -> (known after apply)
~ ecs_task_definition_arn = "arn:aws:ecs:us-east-1:256586139593:task-definition/integrator-staging-background-runner:82" -> (known after apply)
module.ecs_api.aws_ecs_task_definition.api: Destroying... [id=integrator-staging-api]
module.ecs_api.aws_ecs_task_definition.poller: Destroying... [id=integrator-staging-poller]
module.ecs_api.aws_ecs_task_definition.worker: Destroying... [id=integrator-staging-worker]
module.ecs_api.aws_ecs_task_definition.poller: Destruction complete after 0s
module.ecs_api.aws_ecs_task_definition.api: Destruction complete after 0s
module.ecs_api.aws_ecs_task_definition.worker: Destruction complete after 0s
module.ecs_background_runner.aws_ecs_task_definition.background_runner: Destroying... [id=integrator-staging-background-runner]
module.ecs_api.aws_ecs_task_definition.poller: Creating...
module.ecs_background_runner.aws_ecs_task_definition.background_runner: Destruction complete after 0s
module.ecs_background_runner.aws_ecs_task_definition.background_runner: Creating...
module.ecs_api.aws_ecs_task_definition.poller: Creation complete after 0s [id=integrator-staging-poller]
module.ecs_api.aws_ecs_service.poller: Modifying... [id=arn:aws:ecs:us-east-1:256586139593:service/default/integrator-staging-poller]
module.ecs_background_runner.aws_ecs_task_definition.background_runner: Creation complete after 0s [id=integrator-staging-background-runner]
module.ecs_api.aws_ecs_task_definition.worker: Creating...
module.ecs_api.aws_ecs_task_definition.api: Creating...
module.ecs_api.aws_ecs_task_definition.api: Creation complete after 0s [id=integrator-staging-api]
module.ecs_api.aws_ecs_task_definition.worker: Creation complete after 0s [id=integrator-staging-worker]
module.ecs_api.aws_ecs_service.api: Modifying... [id=arn:aws:ecs:us-east-1:256586139593:service/default/integrator-staging-api]
module.ecs_api.aws_ecs_service.worker: Modifying... [id=arn:aws:ecs:us-east-1:256586139593:service/default/integrator-staging-worker]
module.ecs_api.aws_ecs_service.poller: Modifications complete after 0s [id=arn:aws:ecs:us-east-1:256586139593:service/default/integrator-staging-poller]
module.ecs_api.aws_ecs_service.worker: Modifications complete after 1s [id=arn:aws:ecs:us-east-1:256586139593:service/default/integrator-staging-worker]
module.ecs_api.aws_ecs_service.api: Modifications complete after 1s [id=arn:aws:ecs:us-east-1:256586139593:service/default/integrator-staging-api]
Apply complete! Resources: 4 added, 3 changed, 4 destroyed.
Outputs:
api_ecr_repository_url = "256586139593.dkr.ecr.us-east-1.amazonaws.com/integrator-api"
api_task_definition_arn = "arn:aws:ecs:us-east-1:256586139593:task-definition/integrator-staging-api:82"
api_url = "http://integrator-staging-alb-1272560021.us-east-1.elb.amazonaws.com"
ecr_repository_url = "256586139593.dkr.ecr.us-east-1.amazonaws.com/integrator-background-runner"
ecs_security_groups = "sg-06a8634c658cb6242"
ecs_subnets = "subnet-006a11f7b19901be1,subnet-013a9a6febbffa4af,subnet-0167a232e3ca0bda3,subnet-023ad462e398f7e71,subnet-031e32528629c9dc1,subnet-0d79b9a8cbdbe9216"
ecs_task_definition_arn = "arn:aws:ecs:us-east-1:256586139593:task-definition/integrator-staging-background-runner:83"
github_actions_role_arn = "arn:aws:iam::256586139593:role/integrator-github-actions-staging"
migrations_task_definition_arn = "arn:aws:ecs:us-east-1:256586139593:task-definition/integrator-staging-migrations:3"
rds_address = "integrator-staging-postgres.cyx4mqkwmkeq.us-east-1.rds.amazonaws.com"
rds_database_name = "integrator_staging"
rds_endpoint = "integrator-staging-postgres.cyx4mqkwmkeq.us-east-1.rds.amazonaws.com:5432"
rds_master_password_secret_arn = "arn:aws:secretsmanager:us-east-1:256586139593:secret:integrator/staging/rds-master-password-4QWym0"
rds_readonly_user_secret_arn = "arn:aws:secretsmanager:us-east-1:256586139593:secret:integrator/staging/rds-readonly-password-lDH8hO"
🎉 Staging applied successfully! PR is now ready to merge.