NASA-PDS / planetary-data-cloud

PDS Cloud Migration documentation, issue, tracking and simple tools for assisting in the PDS hybrid cloud study and migration efforts.
Apache License 2.0

Create baseline IAM policies for AWS resources in MCP #95

Closed sjoshi-jpl closed 1 month ago

sjoshi-jpl commented 6 months ago

💡 Description

Create baseline IAM policies for AWS resources to be attached to new IAM roles

  1. Create a list of all AWS resources we use (EC2, S3, etc.)
  2. Name these policies like pds_service-name_policy
  3. Create and deploy a baseline policy for each resource using Terraform
  4. Get policies reviewed by the SA team for least-privilege access
  5. Notify team to leverage these policies for new IAM roles

⚔️ Parent Epic / Related Tickets

No response

tloubrieu-jpl commented 3 months ago

@sjoshi-jpl is developing a Terraform module for this purpose.

tloubrieu-jpl commented 2 months ago

Some progress has been made, and it works for the development team. @sjoshi-jpl would like feedback from the SAs on the organization of the modules (roles and policies).

jordanpadams commented 2 months ago

Status: approved by SA team. To be moved to GitHub and reviewed for Thursday.

tloubrieu-jpl commented 1 month ago

@sjoshi-jpl is going to publish his Terraform code for the SAs to review and deploy the roles in operations.

tloubrieu-jpl commented 1 month ago

@sagar created a ticket to create all the components needed.