Open danielhartnell opened 5 years ago
danielhartnell
commented
5 years ago Quick update: sso.allizom.org has been moved to the IAM account. Making sure everything works and then I'll move the prod zone. We can rollback if anyone reports an issue.
danielhartnell
commented
5 years ago sso.mozilla.com has been moved to the IAM account as well. I'll keep an eye on things today and we can probably remove the old zones when we're back after the holiday.
danielhartnell
commented
5 years ago Records were deleted from the old zones. I'll follow up in an hour or so to delete those hosted zones. Providing a little time just in case an unexpected issue occurs.
gene1wood
commented
5 years ago @andrewkrug Can the SSO dashboard cloudformation stacks and constituent resources in infosec-prod and infosec-dev be deleted?
Once that's done I can delete the
Also, can you confirm that person-api.sso.mozilla.com is setup in the mozilla-iam AWS account so I can delete the expired person-api.sso.mozilla.com cert in infosec-prod us-west-2
Same for person-api.sso.allizom.org which has an expired cert in infosec-dev us-west-2
gene1wood
commented
5 years ago @andrewkrug will take care of this in https://jira.mozilla.com/browse/EIS-849
The current production and dev zones need to be moved to the IAM account. I will manage this migration. Once this is complete, we should remove the old zones from the InfoSec accounts and remove the the unused ACM certificates. The domains in question are sso.mozilla.com and sso.allizom.org.
cc @andrewkrug @gene1wood