On 03/09/2023 20:59, Miroslav Suchý wrote:
According our SOPhttps://docs.fedoraproject.org/en-US/infra/sysadmin_guide/aws-access/#_role_and_user_policiesUsers MUST tag resources with their FedoraGroup tag within one day, or the resource may be removed.
Hi Miroslav,Thanks for the pointer, as I wasn't really aware of the *need* for that tag but I'll tag all *centos.org resources in that shared fedora/centos account to have the missing FedoraGroup=centos tag/value.
BTW, just quickly checked the Fedora Communityshift Openshift cluster (so volumes, EFS, ec2, load-balancers, etc) and none is tagged with FedoraGroup=fedora :-)
@Kevin : what about we try to have a common set of AWS rules/policies/SOPs for both project sharing resources within one or two accounts and review/audit also permissions, rules, ACLs, etc ?
-- Fabian Arrotin gpg key: 17F3B7A1
Attachment:
OpenPGP_signature
Description: OpenPGP digital signature
_______________________________________________ infrastructure mailing list -- infrastructure@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to infrastructure-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/infrastructure@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue