Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

As an administrator of the registry, I don't want ENG operator loading data to have administration authorizations #309

Closed
tloubrieu-jpl opened this issue Aug 5, 2024 · 2 comments
Closed

As an administrator of the registry, I don't want ENG operator loading data to have administration authorizations #309

tloubrieu-jpl opened this issue Aug 5, 2024 · 2 comments
Assignees
@sjoshi-jpl
Labels
B15.1 i&t.skip sprint-backlog task

Comments

@tloubrieu-jpl
Copy link
Member

💡 Description

We need to have 2 distinct groups for ENG node:

  • admin: authorized to create indexes...
  • operator: only read/write in the en-* indexes

⚔️ Parent Epic / Related Tickets

No response
@github-project-automation github-project-automation bot moved this to Release Backlog in B15.0 Aug 5, 2024
@sjoshi-jpl
Copy link
Contributor

We can have a PDS_ADMIN_USERS and PDS_ENG_USERS, both tied to different IAM roles. The ENG IAM role will only have read/write access to en-* indexes.

@jordanpadams jordanpadams added B15.1 and removed B15.0 labels Sep 30, 2024
@tloubrieu-jpl
Copy link
Member Author

@sjoshi-jpl I will close this ticket since the roles are created in production.
However, we should eventually have a terraform script and a commit or PR to attach to the closed ticket or a link to a documentation. As a dev team this is inconfortable to close tickets without a produced artifact.

@github-project-automation github-project-automation bot moved this from Release Backlog to 🏁 Done in B15.0 Nov 14, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sjoshi-jpl sjoshi-jpl

Labels
B15.1 i&t.skip sprint-backlog task
Projects
No open projects
B15.0
Status: 🏁 Done
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jordanpadams @tloubrieu-jpl @sjoshi-jpl