Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

infrastructure: add extra IAM roles (image processor, external user) #11

Open
imrehg opened this issue Apr 7, 2020 · 3 comments
Open

infrastructure: add extra IAM roles (image processor, external user) #11

imrehg opened this issue Apr 7, 2020 · 3 comments
Assignees
@imrehg
Labels
enhancement New feature or request infrastructure Issues regarding the infrastructure setup
Milestone
First Deploy

Comments

@imrehg
Copy link
Contributor

imrehg commented Apr 7, 2020

In addition to the existing file uploader.
@imrehg imrehg added infrastructure Issues regarding the infrastructure setup enhancement New feature or request labels Apr 7, 2020
@imrehg
Copy link
Contributor Author

imrehg commented Apr 7, 2020

Also: console-enabled user that can view the "raw/" folder (at least, but likely the whole thing) in read-only mode.

@imrehg imrehg self-assigned this Apr 8, 2020
@imrehg imrehg mentioned this issue Apr 8, 2020
Merged
@imrehg
Copy link
Contributor Author

imrehg commented Apr 14, 2020

For console user: add policies to manage their access keys and their MFA settings.

Add info on the workflow how to add different users to the account.

@imrehg
Copy link
Contributor Author

imrehg commented Apr 14, 2020

Used some of this in experimentation: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_examples_iam_mfa-selfmanage.html (but that prevents most of the CLI access as is, due to the BlockMostAccessUnlessSignedInWithMFA section) and https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_examples_iam_credentials_console.html to rotate their own credentials.
But this needs more work.

@imrehg imrehg added this to the First Deploy milestone Apr 17, 2020
@imrehg imrehg pinned this issue Apr 21, 2020
@imrehg imrehg mentioned this issue May 28, 2020
Open
imrehg added a commit that referenced this issue Sep 22, 2020
@imrehg
infrastructure: add "validation" user group to access validation files
ae522e0 
Accessing the `validation/` prefix and contents only.

Connects-to: #11
Signed-off-by: Gergely Imreh <[email protected]>
@imrehg imrehg mentioned this issue Sep 22, 2020
Merged
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@imrehg imrehg

Labels
enhancement New feature or request infrastructure Issues regarding the infrastructure setup
Projects
None yet
Milestone
First Deploy
Development

No branches or pull requests
1 participant
@imrehg