[IGBF-2346] Develop role appstore_s3 - JIRA UNCC

Details

Type: New Feature
Status: Closed (View Workflow)
Priority: Major
Resolution: Done
Affects Version/s: None
Fix Version/s: None
Labels:
None

Story Points:
0.25
Epic Link:
Deploy and maintain infrastructure
Sprint:
Spring 7 : 13 Apr to 24 Apr, Spring 8 : 24 Apr to 8 May, Spring 8 : 11 May to 25 May

Description

deployS3 role was migrated to a new role named appstore_s3 as part of ~~IGBF-2342~~.

However, it has not been tested.

For this task, modify role appstore_s3 as required to ensure that the S3 bucket is created.

In addition, create a role that will allow the AppStore VM to modify the newly created S3 bucket. Assign the role to the VM.

The role should have name ec2_name

Attachments

Activity

Ascending order - Click to sort in descending order

Hide

Permalink

Ann Loraine added a comment - 24/Apr/20 5:40 PM

If you have time left today, could you work on this one?

(if yes, move it to In Progress)

Show

Ann Loraine added a comment - 24/Apr/20 5:40 PM If you have time left today, could you work on this one? (if yes, move it to In Progress)

11 older comments

Hide

Permalink

Chester Dias (Inactive) added a comment - 05/May/20 1:48 PM

Requested Changes are made, Please review
https://bitbucket.org/chesterdias/chester-local-appstore-playbooks/branch/IGBF-2346#diff

Show

Chester Dias (Inactive) added a comment - 05/May/20 1:48 PM Requested Changes are made, Please review https://bitbucket.org/chesterdias/chester-local-appstore-playbooks/branch/IGBF-2346#diff

Hide

Permalink

Ann Loraine added a comment - 05/May/20 2:00 PM

Change requests - please take a look:

Do not make any changes to EC instance as it is not created yet - please note order of role execution in set_up.yml.

Accordingly, check role appstore_ec2 to ensure it is created using the new syntax.

Please note: the master branch version of appstore_s3/tasks/main.yml does not create a stand-alone policy but instead simply modifies a role that is created in the previous task. The proposed changes are an improvement on this because a stand-alone policy is being created, which is a better because this same policy can be separately attached to IAM users, thus allowing them to use the AWS console to make changes to their App Store's bucket.

Change "policy_name" in task "Create IAM Managed Policy" to {{ s3_bucket_name }}.

Change "name" in task "Create IAM role if not present for Ec2" to {{ s3_bucket_name }}

Carefully compare proposed changes to master branch version to ensure existing functionality or assumptions will not be disrupted. If they are, please fix accordingly.

Show

Ann Loraine added a comment - 05/May/20 2:00 PM Change requests - please take a look: Do not make any changes to EC instance as it is not created yet - please note order of role execution in set_up.yml. Accordingly, check role appstore_ec2 to ensure it is created using the new syntax. Please note: the master branch version of appstore_s3/tasks/main.yml does not create a stand-alone policy but instead simply modifies a role that is created in the previous task. The proposed changes are an improvement on this because a stand-alone policy is being created, which is a better because this same policy can be separately attached to IAM users, thus allowing them to use the AWS console to make changes to their App Store's bucket. Change "policy_name" in task "Create IAM Managed Policy" to {{ s3_bucket_name }}. Change "name" in task "Create IAM role if not present for Ec2" to {{ s3_bucket_name }} Carefully compare proposed changes to master branch version to ensure existing functionality or assumptions will not be disrupted. If they are, please fix accordingly.

Hide

Permalink

Chester Dias (Inactive) added a comment - 05/May/20 2:24 PM

I have checked the order, the proposed change has been added.
I have moved the for 'granting a role to ec2' to appstore_ec2 since the ec2 won't be created till that execution point.

Show

Chester Dias (Inactive) added a comment - 05/May/20 2:24 PM I have checked the order, the proposed change has been added. I have moved the for 'granting a role to ec2' to appstore_ec2 since the ec2 won't be created till that execution point.

Hide

Permalink

Chester Dias (Inactive) added a comment - 05/May/20 2:25 PM

Please review the change:https://bitbucket.org/chesterdias/chester-local-appstore-playbooks/branch/IGBF-2346#diff

Show

Chester Dias (Inactive) added a comment - 05/May/20 2:25 PM Please review the change: https://bitbucket.org/chesterdias/chester-local-appstore-playbooks/branch/IGBF-2346#diff

Hide

Permalink

Chester Dias (Inactive) added a comment - 07/May/20 9:30 AM

PR: https://bitbucket.org/lorainelab/appstore-playbooks/pull-requests/24/igbf-2346/diff

Show

Chester Dias (Inactive) added a comment - 07/May/20 9:30 AM PR: https://bitbucket.org/lorainelab/appstore-playbooks/pull-requests/24/igbf-2346/diff

People

Assignee:

Chester Dias (Inactive)

Reporter:

Ann Loraine

Votes:

0 Vote for this issue

Watchers:

2 Start watching this issue

Dates

Created:

23/Apr/20 12:22 AM

Updated:

24/May/20 7:38 PM

Resolved:

24/May/20 7:37 PM