Hand over Oracle licensing work from root account to modernisation platform

ministryofjustice / modernisation-platform

A place for the core work of the Modernisation Platform • This repository is defined and managed in Terraform

https://user-guide.modernisation-platform.service.justice.gov.uk

MIT License

681 stars 290 forks source link

Hand over Oracle licensing work from root account to modernisation platform #8023

Open davidkelliott opened 2 months ago

davidkelliott commented 2 months ago

User Story

There was a PoC completed in the root account to discover Oracle licenses across the MoJ estate. This work needs to be completed and moved in to production for all MP accounts.

See here for overview of solution - https://aws.amazon.com/blogs/mt/centrally-track-oracle-database-licenses-in-aws-organizations-using-aws-license-manager-and-aws-systems-manager/

See existing work here - https://github.com/ministryofjustice/aws-root-account/blob/main/organisation-security/terraform/license-manager.tf

This story is to hand over the PoC from @davidkelliott and take it into the MP.

Value / Purpose

Realise the value of the work already done and make sure it is updated and maintained.

Useful Contacts

@davidkelliott

Additional Information

No response

Definition of Done

[x] Hand over from David Elliott
[ ] Update solution so that it is working and production ready
[ ] Document solution for users

markgov commented 1 month ago

Had a Meeting with Dave Eto talk about the issue going to look at what is currently in place on the root account

markgov commented 1 month ago

Looked at the cloudformation and possible fix to implement it on example account on it's own just in the process of testing at the moment

markgov commented 3 weeks ago

After applying an update to the cloud formation the workflow failed with the following error ╷ │ Error: waiting for CloudFormation Stack (arn:aws:cloudformation:eu-west-2:***:stack/OracleDbLTS/e0b4ffe0-256f-11ee-ab44-0ac49305d196) update: timeout while waiting for state to become 'CREATE_COMPLETE, UPDATE_COMPLETE, UPDATE_ROLLBACK_COMPLETE, UPDATE_ROLLBACK_FAILED' (last state: 'UPDATE_IN_PROGRESS', timeout: 30m0s) │ │ with aws_cloudformation_stack.oracleblts, │ on license-manager.tf line 47, in resource "aws_cloudformation_stack" "oracleblts": │ 47: resource "aws_cloudformation_stack" "oracleblts" { │ ╵ Error: Terraform exited with code 1. Error: Process completed with exit code 1.

i have created a new PR which increases the timeout for the cloud formation stack

markgov commented 3 weeks ago

https://github.com/ministryofjustice/aws-root-account/pull/1026

markgov commented 3 weeks ago

created a PR which fixs the poc ssm association so that it runs on a schedule https://github.com/ministryofjustice/aws-root-account/pull/1027

markgov commented 2 weeks ago

Unfortunately there was an error in the cloud formation code from aws i am in the process of debugging there code to make a clean run

markgov commented 2 weeks ago

New Pr sent up to change the way the yaml file is processed https://github.com/ministryofjustice/aws-root-account/pull/1030

markgov commented 1 week ago

Still having issues with file name length created a new PR with a shortened file name but that has failed as well need to look into this more as i think it is the s3_object upload that is failed and it due to the source being more than 255 char long

markgov commented 4 days ago

Going to move to blocked until i can talk to Bhat, Praveen on the 2nd of december