On Tue, Apr 28, 2020 at 9:27 PM Kevin Fenzi <kevin@xxxxxxxxx> wrote:
On Tue, Apr 28, 2020 at 03:55:52PM +0100, Mark O'Brien wrote:
> Hi,
>
> I'm not sure who is the correct person to direct this question at, so I'll
> open it up to the group. In my previous job I worked daily with AWS and
> have a decent grasp of the workings of some parts of it (I don't think
> anyone knows all of AWS).
Hey Mark. I guess that would be me (on the Fedora side) and Fabian (on
the CentOS side).
Thanks, good to know who to reach out to.
> I think I could be of assistance in implementing best practises and also in
> carrying out general day to day work. I have seen these 2 tickets
> specifically on the fedora infrastructure issue tracker which I may be of
> assistance with.
>
> https://pagure.io/fedora-infrastructure/issue/8667
> https://pagure.io/fedora-infrastructure/issue/8407
Excellent! I'd love some help in this area. :)
I know time zones are not too good between us, but perhaps we could
schedule a time early my morning and later your afternoon/evening to get
together on irc and go over things and try and solve some of those
tickets?
> These involve IAM which I understand carries a bit of a security issue but
> I could work with someone who has access or even with read only access and
> I could offer some potential fixes. Let me know if I can help.
Absolutely, and thanks for the offer.
Our setup is a little atypical, but I can explain it to you and we can
work out some access to at least test things or the like.
I think a lot of places use an atypical set up from what I read.
A possible way to give limited access going forward would be to federate access to a redhat account of some sort (gmail/fedora) that way you could set a generic limited access policy for new users.
We also have:
https://pagure.io/fedora-infrastructure/issue/8436
which I keep never getting around to, and perhaps you could script the
needed steps for me there.
I have left a comment on the ticket about potentially using a daily lambda function to take care of this.
I will put together a bash script which can make use of the aws cli for the initial clean up.
Let me know when a good morning might be and we can try and get
together. IRC would be best for me, then we could also add in anyone
else who was interested.
I can do Today or tomorrow at 16:30 IST/ 08:30PDT or 21:00 IST/13:00 PDT whichever would suit you best.
I am off Friday so if neither of these times suit you we could try next week.
We can use whichever IRC channel you think appropriate
Mark
_______________________________________________ infrastructure mailing list -- infrastructure@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to infrastructure-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
