Enable versioning on shared venue buckets

[LucaCinquini]

Note: this ticket should be transferred by @galenatjpl to one of the CS GitHub repositories.

When storing the Terraform state of the systems on S3, it is recommended that the S3 bucket be enabled with versioning: this is to be able to recover the state in case of accidental deletion.

See warning in instructions: https://developer.hashicorp.com/terraform/language/settings/backends/s3

"Warning! It is highly recommended that you enable Bucket Versioning on the S3 bucket to allow for state recovery in the case of accidental deletions and human error."

So can we please enable versioning on the bucket "unity-unity-dev-bucket" and all the similar buckets in each venue?

[mike-gangl]

💯good catch @LucaCinquini and team. Galen, is this aprt of management console? or the cloudfront? We should transfer this issue to that location.

[galenatjpl]

@LucaCinquini @mike-gangl , This bucket gets created by the management console as part of the bootstrap process. Please assign this ticket to me, and move it to the unity-cs repository. Thanks

[galenatjpl]

@jdrodjpl the s3.go code needs to be updated so that new Management Console deployments enable versioning on the bucket. Also, for the "blessed" instances/buckets that already exist in unity-venue-dev, unity-venue-test, (and unity-venue-ops?), we may need to go in an manually set this setting in the AWS web console, unless we plan on destroying and re-deploying. I'm actually in favor of doing the latter (destroy, release a new MC version, and re-deploy).

[LucaCinquini]

Please let us know what you decide. We are already using the unity-unity-dev-bucket to store S3 states. If you decide to destroy it, we first need to undeploy SPS, then wait for you to enable versioning. A manual upgrade in the console might be preferable to us, but we can go either way.

[galenatjpl]

@jdrodjpl please note @LucaCinquini 's comment above.

[jdrodjpl]

@LucaCinquini I went ahead and just enabled the versioning option for both unity-venue-dev and unity-venue-test, no need to do anything.

[jdrodjpl]

@galenatjpl this has been added to the latest MC tag and is done.

[LucaCinquini]

Great, thanks guys.

[galenatjpl]

thanks @jdrodjpl !