Open holdenhinkle opened 2 months ago
Here’s a relevant doc - https://docs.google.com/document/d/1klUtD9_XhJrAaaIcLHc6Qt9MeuChd2ORUlj_ivtzuBg/edit?usp=sharing
Here’s a support ticket - https://dsva.slack.com/archives/CBU0KDSB1/p1720815626324199
I zoomed with Kyle Metheny and Kshitiz Shrestha from Platform/DevOps. Kyle gave me a bunch of useful information to go back to the networking group with:
Just a quick notes dump:
The port is open to some traffic
Vets-api is external even though with part of the va.gov space
Goes how to the transit gateway
Show them that CAG works
It times out from vets-api
All outbound traffic is leaving us but it’s not making its way to the next hop.
VA EC AWS handles the routing
This CIDR block (this block of IPs is not allowed to the port) (if we’re not on the allowed list we can’t connect)
Check with NEO - network edge operations - probably the group I’ve got an open ticket with. Kyle said this type of stuff takes forever to sort out, and everyone just gets passed around endlessly. He said if I needed anything else to ask in that support ticket.
From Kyle:
Just got kicked back to ESECC:
I re-opened the ESECC ticket that I opened ~1.5 months ago
New Slack thread - https://dsva.slack.com/archives/C06ABHUNBRS/p1721243488744259
Holden Hinkle 3 minutes ago @Sam Raudabaugh
@Gabriel Zurita My latest request to the Networking group for help getting vets-api configured to be able to consume the Accreditation API has been kicked back to me. They told me to contact ESECC (who was the first group I contacted 1 - 1.5 months ago). I reopened that ticket and the person I was working with from ESECC gave me a list of items in my request that need to be submitted: ESECC request# RFC-011835 RFMI
Sam, Gabriel and I paired on this for over an hour on Friday. We're continuing today (Monday) from 3-4pm.
The three of us paired again today and finished the request form. I asked my contact at ESECC if we need to submit a separate request for each GCLAWS environment. I'm waiting to here back from him before I submit request (I'm hoping I can add information about the other environments in the Comments section of the request).
Holden Hinkle 1:29 PM That ESECC request just got kicked back to me :disappointed: 1:30 There are a few notes. The first is that the requester must be a VA employee. Is it okay if I make you the requester @Sam Raudabaugh ? 1:33 Here are the comments: Ernest Grogg 7/25/2024 8:42:48 AM RFMI: Requester must be a VA Employee. Contractors can create a request but may not be listed as a requester and should contact their VA government counterpart or Contracting Officer Representative confirming the needed changes prior to submission. Administration needs to be filled in. VA Primary POC needs filled in. Internal FQDN needs to be registered in the Web registry. Supported browsers should be listed. Business Justification must be filled in. The business case should cover these specifics where possible: (1) Derivative of what is documented in the MOU where one exists; (2) Why it is needed and the impact if not fulfilled; (3) Who is requesting and who is it servicing; (4) What are the business reasons and the benefits of implementing the change;, (5) What is the desired outcome; and (6) Where is it needed or have an impact.
Sam re-submitted the request today, hoping to hear back. Pinging the Teams channel might help to move things along.
Passed approval, waiting for implementation which entails network team adding in firewalls. Should be in the next couple weeks.
Sam will inquire on who the point of contact is, for updates on this.
ESECC meeting tomorrow, Sam will get a status update
The request is awaiting approval of VA.gov ISSO Albert Estacio. I reached out to him today to explain the need.
Albert Estacio and Randy Trexler approved the request yesterday and it's moved to the Support Staff Approval stage.
Status is being tracked here: https://esecc.va.gov/CGWeb/MainUI/Changemanagement/StaffRFC.aspx?boundtable=IChangeManagementTicket&CloseOnPerformAction=false&ID=14985&windowWidth=1050&openTime=1722017159558&refreshOnClose=true
Background
vets-api is still not able to consume the Accreditations API. Get this working
Tasks
Acceptance Criteria
How to configure this issue
backend
,frontend
,ux
,design
,research
)mvp
)