manics
commented
2 years ago Thanks for responding to the review! I've got one more small suggestion, add a CONTRIBUTING.md file to the repo:
https://docs.github.com/en/communities/setting-up-your-project-for-healthy-contributions/setting-guidelines-for-repository-contributors
raynamharris
Hi @abhijna :wave:
I'm one the reviewers for your JOSE paper https://github.com/openjournals/jose-reviews/issues/167
I'm planning to do a full run through of the AWS course myself so will have more feedback later, but I've got a few initial comments.
Use of admin credentials for participants
https://github.com/nih-cfde/training-and-engagement/wiki/IAM-account-for-AWS
It makes things easier for to setup, especially if you have additional AWS courses, but it does expose the AWS account holder to the risk of misuse. Best-practice is to minimise privileges where reasonable. Since the participants are potentially complete novices there's a higher risk of leaking credentials, and there's the risk of someone playing around and creating other unexpected resources.
Have you considered adding a restrictive IAM policy? For instance you could allow just console access,
ec2:*, and whatever else is required, along with a region restriction (it's annoying easy to accidentally switch region without realising).How others should re-use your course materials
Do you recommend people use https://training.nih-cfde.org/en/latest/Cloud-Platforms/Introduction_to_Amazon_Web_Services/introtoaws1/ directly, or would you prefer them to build their own site using your materials? I noticed in an older version of the course you had a link to a Google feedback form (now removed), which obviously isn't relevant for other institutions, so I was wondering what your preferences were for re-use.