From dcac2ada0419cc14447e7ff89b1aedd3a6309d37 Mon Sep 17 00:00:00 2001
From: kwiss <mr.dumont.christophe@gmail.com>
Date: Mon, 27 May 2024 02:29:54 +0200
Subject: [PATCH] chore: update for docker

---
 aws/cdk-solis-ecs/lib/efs-construct.ts | 30 +++++++++++++++++---------
 1 file changed, 20 insertions(+), 10 deletions(-)

diff --git a/aws/cdk-solis-ecs/lib/efs-construct.ts b/aws/cdk-solis-ecs/lib/efs-construct.ts
index 32425c224..f097586b7 100644
--- a/aws/cdk-solis-ecs/lib/efs-construct.ts
+++ b/aws/cdk-solis-ecs/lib/efs-construct.ts
@@ -19,17 +19,27 @@ export class EfsConstruct extends Construct {
       vpcId: props.vpcId
     });
 
-    const fileSystemName = "RecordingEFSFileStorage";
-
     const fileSystem = new efs.CfnFileSystem(this, "RecordingEFSFileStorage", {
       performanceMode: "maxIO",
       encrypted: true,
       fileSystemTags: [
         {
           key: "Name",
-          value: fileSystemName
+          value: "RecordingEFSFileStorage"
         }
-      ]
+      ],
+      fileSystemPolicy: {
+        Version: "2012-10-17",
+        Statement: [
+          {
+            Effect: "Allow",
+            Principal: {
+              AWS: "*"
+            },
+            Action: ["elasticfilesystem:ClientMount", "elasticfilesystem:*"]
+          }
+        ]
+      }
     });
 
     const securityGroup = new ec2.SecurityGroup(this, "EfsSecurityGroup", {
@@ -39,13 +49,13 @@ export class EfsConstruct extends Construct {
       securityGroupName: "EfsSecurityGroup"
     });
 
-    for (const privateSubnet of vpc.privateSubnets) {
-      new efs.CfnMountTarget(this, `EfsMountTarget-${privateSubnet.node.id}`, {
+    vpc.privateSubnets.forEach((subnet, index) => {
+      new efs.CfnMountTarget(this, `EfsMountTarget-${index}`, {
         fileSystemId: fileSystem.ref,
         securityGroups: [securityGroup.securityGroupId],
-        subnetId: privateSubnet.subnetId
+        subnetId: subnet.subnetId
       });
-    }
+    });
 
     const accessPoint = new efs.CfnAccessPoint(this, "EfsAccessPoint", {
       fileSystemId: fileSystem.ref,
@@ -54,11 +64,11 @@ export class EfsConstruct extends Construct {
         gid: "1000"
       },
       rootDirectory: {
-        path: "/",
+        path: "/efs",
         creationInfo: {
           ownerGid: "1000",
           ownerUid: "1000",
-          permissions: "777"
+          permissions: "777" // Ensure this is set to 777
         }
       }
     });