Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Viewer role not used for anvilprod #6396

Closed
hannes-ucsc opened this issue Jul 11, 2024 · 5 comments
Closed

Viewer role not used for anvilprod #6396

hannes-ucsc opened this issue Jul 11, 2024 · 5 comments
Assignees
@hannes-ucsc
Labels
+ [priority] High bug [type] A defect preventing use of the system as specified compliance [subject] Information and software security no demo [process] Not to be demonstrated at the end of the sprint orange [process] Done by the Azul team

Comments

@hannes-ucsc
Copy link
Member

hannes-ucsc commented Jul 11, 2024
edited
Loading

The platform-anvil-prod account started off as a non-stable deployment. We need a viewer role there (and a corresponding group in the gateway account) and move all team members from developer to that role.
@hannes-ucsc hannes-ucsc added the orange [process] Done by the Azul team label Jul 11, 2024
@achave11-ucsc
Copy link
Member

Assignee to provide description and next steps.

@hannes-ucsc hannes-ucsc added bug [type] A defect preventing use of the system as specified debt [type] A defect incurring continued engineering cost compliance [subject] Information and software security + [priority] High and removed debt [type] A defect incurring continued engineering cost labels Aug 23, 2024
@hannes-ucsc hannes-ucsc removed their assignment Aug 23, 2024
@hannes-ucsc
Copy link
Member Author

I think we should solve this in a 20min meeting with Erich. Assignee to coordinate that.

@achave11-ucsc
Copy link
Member

Meeting was held. Assignee to consider next steps.

@hannes-ucsc
Copy link
Member Author

https://ucsc-gi.slack.com/archives/C705Y6G9Z/p1725396022536639

@hannes-ucsc
Copy link
Member Author

hannes-ucsc commented Sep 3, 2024
edited
Loading

I've modified the viewer role in anvilprod to mirror prod. Erich originally used the AWS-managed ViewOnlyAccess policy instead of ReadOnlyAccess and, for the custom permissions, he used a inline policy instead of a customer-managed one. I fixed both so that anvilprod is identical to prod in that aspect.

@hannes-ucsc hannes-ucsc added the no demo [process] Not to be demonstrated at the end of the sprint label Sep 3, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@hannes-ucsc hannes-ucsc

Labels
+ [priority] High bug [type] A defect preventing use of the system as specified compliance [subject] Information and software security no demo [process] Not to be demonstrated at the end of the sprint orange [process] Done by the Azul team
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@hannes-ucsc @achave11-ucsc @nolunwa-ucsc