minor corrections

hackoregon · Jul 7, 2019 · 95faaa3 · 95faaa3
1 parent 764a859
commit 95faaa3
Show file tree

Hide file tree

Showing 2 changed files with 31 additions and 27 deletions.
diff --git a/bin/README.md b/bin/README.md
@@ -5,7 +5,7 @@
 * **create-db.sh**: after installing PostgreSQL database service, configured and running, run this script from an SSH shell on the VM to create each new database instance (note: if your database instance requires PostGIS, run `build-and-install-PostGIS.sh` before restoring the database or generating the database schema)
 * **create-ec2-machine-database.sh**: run this script from a local \*NIX (Mac, Linux or Ubuntu on Win10) shell, where `awscli` is installed and AWS credentials are available, to create a new EC2 VM from the input `profile.sh` configuration
 * **ec2-profile-database-development.sh**: use this script as the `profile.sh` input configuration for the `create-ec2-machine-database.sh` script, to create the central PostgreSQL database host for Hack Oregon's 2018 project season
-* **ssm-parameters-upload.py**: 
+* **ssm-parameters-upload.py**: run this script to upload a bulk array of new SSM Parameter Store parameters
 * **upload-and-ssh-into-ec2.sh**: run this script to `scp` all files in the current directory and `ssh` into the designated SSH-enabled host
 
 Order of operations, from scratch:

diff --git a/docs/database/2019/HOWTO: Build RDS instances.md b/docs/database/2019/HOWTO: Build RDS instances.md
@@ -13,33 +13,37 @@ Staging vs. Production - rather than a single layer for full-season usage - beca
 ## Procedure
 
 1. Create an RDS instance with the following shared characteristics (suitable for staging aka "development" work):
-- - engine = PostgreSQL
-- - Use Case = dev/test
-- - DB engine version = PostgreSQL 11.2-R1
-- - DB instance class = db.t2.small
-- - Multi-AZ deployment = No
-- - Storage type = General purpose (SSD)
-- - Allocated storage = 100 GB
-- - Virtual Private Cloud = Default VPC
-- - Public accessibility = yes (note: will be "no" for production DBs, that can only be accessed via Django container in ECS)
-- - Availability zone = no preference
-- - VPC security groups = hacko-public-database (note: will be more restrictive for production DBs)
-- - IAM DB authentication = Disable
-- - Encryption = Enable
-- - Master key = (default) aws/rds
-- - Backup retention period = 7 days
-- - Backup window = no preference
-- - Enhanced monitoring = Enable enhanced monitoring
-- - Performance insights = Enable performance insights, retention period = 7 days, Master key = (default) aws/rds
-- - Log exports = Postgresql log
-- - Auto minor version upgrade = Enable auto minor version upgrade
-- - Maintenance window = No preference
-- - Deletion protection = Enable delete protection
-2. Create a login role according to the naming conventions e.g. `transportation2019` - which has following privileges:  Can login, Inherit rights from the parent roles
+** engine = PostgreSQL
+** Use Case = dev/test
+** DB engine version = PostgreSQL 11.2-R1
+** DB instance class = db.t2.small
+** Multi-AZ deployment = No
+** Storage type = General purpose (SSD)
+** Allocated storage = 100 GB
+** Virtual Private Cloud = Default VPC
+** Public accessibility = yes (note: will be "no" for production DBs, production databases can only be accessed via the related Django container in ECS production deploy)
+** Availability zone = no preference
+** VPC security groups = hacko-public-database (note: will be more restrictive for production DBs)
+** IAM DB authentication = Disable
+** Encryption = Enable
+** Master key = (default) aws/rds
+** Backup retention period = 7 days
+** Backup window = no preference
+** Enhanced monitoring = Enable enhanced monitoring
+** Performance insights = Enable performance insights, retention period = 7 days, Master key = (default) aws/rds
+** Log exports = Postgresql log
+** Auto minor version upgrade = Enable auto minor version upgrade
+** Maintenance window = No preference
+** Deletion protection = Enable delete protection
+2. Create a login role according to the naming conventions e.g. `transportation2019` - which has following privileges:  Can login, Create databases, Inherit rights from the parent roles
 3. Create the database according to the https://docs.google.com/spreadsheets/d/147thL899Bf8IL3ma1S9XBrNXL2xYsIRM5mE-3fceIcQ/ naming scheme
 4. Assign the created login role as the Owner of the DB
-- - note: in AWS RDS, the role creating the database must have the role which will be owner of the database being created: https://stackoverflow.com/a/34898033
+** note: in AWS RDS, the role creating the database must have the role which will be owner of the database being created: https://stackoverflow.com/a/34898033
 5. Execute the following command in the new DB using the Query Tool or other SQL automation:
 `CREATE EXTENSION postgis;`
-6. Even better: add the `postgis` extension to the template database, so that all new databases will automatically get it: `
-7. If you need add another role with read-only privileges to the DB, use the script in *HOWTO-enable-readonly-database-user* or similar.
+** Even better: add the `postgis` extension to the `template1` database, so that all new databases will automatically get it: _(TBD)_
+6. If you need add another role with read-only privileges to the DB, use the script in *HOWTO-enable-readonly-database-user* or similar.
+
+## Other troubleshooting notes
+
+- Check which extensions are enabled for each database - connect to the database and run `SELECT * FROM pg_extension;`