Open lisakaser opened 1 month ago
A few notes from the CMR mediator arena:
puppet-nsidc-vault-client
puppet module to interact with the NSIDC Vault instance when provisioning a VM.cmr-mediator
also requires a Launchpad certificate for CMR write purposes. We shouldn't need to worry about this unless Launchpad authentication is somehow involved in staging files to Cumulus.vault-in-docker
project on Bitbucket).vagrant-nsidc
credentials tarball includes a Vault key pair, presumably to allow access to the Vault API. Apparently vagrant-nsidc
v13.1.0 (future) will no longer use the credentials tarball, but instead pull information directly from Vault. Mike L. will need to provide more background on how this magical Vault access is implemented.
5 story points
acceptance criteria: As operator I can run the tool and it will retrieve the valid AWS credentials from vault and publish CNM message to Kinesis stream. App will have to message that credentials were retrieved successfully and cnm messages are posted. Appropriate error messages if there are no credentials or not valid credentials.
Something similar was done on CMR mediator that could be reused here - Mike Laxer could help
VM is requested on long term; Short term we will not create VM but treat credentials similar to the VM will do in the future (credential tarball can be moved to VM once we get there)
Vault to be used as credential source