search

hackforla / incubator

https://github.com/orgs/hackforla/projects/73/views/5
GNU General Public License v2.0
3 stars 14 forks source link

Update README.md to explain Incubator #45

Open robinglov opened 10 months ago

robinglov commented 10 months ago

Overview

As someone who wants to learn more about this project, I want to know how to use Incubator and Terraform for overview of the project and to be pointed to the resources that would help me contribute.

Action Items

Resources/Instructions

Ops Wiki Terraform Installation Terraform Incubator CICD resource

Tyson-miller commented 10 months ago

I added some things to this documentation that I believe would suffice to get people set up and ready to develop in this repository with Terraform. It would be nice if some new people went through it and tried to get set up + added notes wherever they got stuck.

robinglov commented 10 months ago

I added some things to this documentation that I believe would suffice to get people set up and ready to develop in this repository with Terraform. It would be nice if some new people went through it and tried to get set up + added notes wherever they got stuck.

This looks great! We'll start thinking about who would be good to take this on.

robinglov commented 9 months ago

@Tyson-miller In step 1 the command below didn't return anything.

which aws

The below seemed to work.

aws --version
>> aws-cli/2..15.15

Is this the desired result or did I do something incorrectly?

robinglov commented 9 months ago

User needs iam:ListAccessKeys to get Access Key

Help text for Administrator:

User: arn:aws:iam::035866691871:user/robin_glover Service: iam Action: ListSigningCertificates On resource(s): user Context: because no identity-based policy allows the iam:ListSigningCertificates action

Tyson-miller commented 9 months ago

@Tyson-miller In step 1 the command below didn't return anything.

which aws

The below seemed to work.

aws --version
>> aws-cli/2..15.15

Is this the desired result or did I do something incorrectly?

Interesting yeah that's another way to confirm you have it installed correctly and it's probably better. Updated the documentation accordingly

Tyson-miller commented 9 months ago

User needs iam:ListAccessKeys to get Access Key

Help text for Administrator:

User: arn:aws:iam::035866691871:user/robin_glover Service: iam Action: ListSigningCertificates On resource(s): user Context: because no identity-based policy allows the iam:ListSigningCertificates action

We have a custom IAM policy called SelfManageCredentials which allows people to create access keys. This policy is currently assigned to the ops-group User Group so if users are put in that group then they can create access keys, if not then they won't be able to. I imagine this will change with our IAM re-working but I'll add something to the documentation for now to note that

ExperimentsInHonesty commented 8 months ago

@Tyson-miller Thanks for the note

We have a custom IAM policy called SelfManageCredentials which allows people to create access keys. This policy is currently assigned to the ops-group User Group so if users are put in that group then they can create access keys, if not then they won't be able to. I imagine this will change with our IAM re-working but I'll add something to the documentation for now to note that

It sounds like the process for getting people onboarded has been built or is being built, but I can't find any documentation on it, other than this comment. Where is the documentation for how team members get added to SelfManageCredentials and what happens. I know there is a google doc: IAM Groups and Policies, where we have been working out the details, and I have now made a wiki page DevOps wiki, Permission levels for team members, were we can add information.

Do you know of any other documentation?

robinglov commented 8 months ago

@Tyson-miller Joey has volunteered to help out with this. I'm taking you off the issue, but let me know if you want to keep working on it.

ExperimentsInHonesty commented 1 month ago

This issue is old and might already be addressed by other onboarding processes. Please review

ExperimentsInHonesty commented 1 month ago

I will assemble all the links from this issue at the bottom here, and then we can review to sort into (keep where it is, keep but move, delete, replace, update)

links