Closed michaeljcollinsuk closed 1 month ago
Implementation made
Unit tests written
This ticket needs testing in development. The plan is to take the PR build and put it in dev and see what permissions are missing.
Merged to main. Going to put into development to test.
Changes now in development. Experimented to find appropriate permissions to apply to the control panel role in order to apply permissions on users. They've been applied via AP Terraform
UI needs some tweaks to make information presentation clearer. Blocked as we need a database and shared tables from DPR into AP account.
Deployed to prod for testing with pre-prod data. It is using the curated_prisons_history_preprod_dbt
database and tables, via a resource link.
Follow on tickets may need to be raised once further testing has been completed, but the DOD for this ticket is now complete and has been deployed to production.
User Story
As a data engineer I want to grant other users access to my databases in the Control Panel So that access is visible and easy to maintain
Value / Purpose
We are currently working with the DPR team to share their databases with the AP. Once shared, we need to grant AP users access. Doing this in Lake Formation has benefits to the existing method of managing IAM roles via data-engineering-database-access.
We have also had a feature request for this from our users https://github.com/ministryofjustice/analytical-platform/issues/4352
Useful Contacts
@michaeljcollinsuk, @jamesstottmoj
User Types
No response
Hypothesis
If we... add Lake Formation to Control Panel Then... database access management will be improved
Proposal
Integrate Lake Formation with the Control Panel so that users can manage database access themselves.
Initial scope should be limited to:
Additional Information
See related feature request https://github.com/ministryofjustice/analytical-platform/issues/4352
Definition of Done