On 17/10/2024 09:25, Pavel Raiskup via infrastructure wrote:
Hello team,
I now realized that we have these files:
files/aws/iam/policies/
files/aws/iam/policies/fcos-builds-releng.json
files/aws/iam/policies/robosignatory-fcos-devel.json
files/aws/iam/policies/fcos-upload-amis.json
files/aws/iam/policies/fedora-infra-ec2.json
files/aws/iam/policies/fedora-centos-ec2.json
files/aws/iam/policies/fcos-poc-artifacts.json
files/aws/iam/policies/fedora-copr-ec2.json
These seem to be some initial copies of the policy file, and are
probably staled. I'm curious whether we are interested in making the
policies maintained from batcave - via IAM API. If so, I think I could
help with the ansible.git changes (but I think I'd need more EC2
privileges to tweak the policies).
Pavel
Interesting as for CentOS it's not managed by Fedora infra ansible git so before you do anything, please ensure that the "fedora-centos-ec2.json" policy is removed from ansible git (as it's not the current version anyway) and that it wouldn't remove other existing centos* IAM policies :-)
-- Fabian Arrotin gpg key: 17F3B7A1
Attachment:
OpenPGP_0xA25DBAFB17F3B7A1.asc
Description: OpenPGP public key
Attachment:
OpenPGP_signature.asc
Description: OpenPGP digital signature
-- _______________________________________________ infrastructure mailing list -- infrastructure@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to infrastructure-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/infrastructure@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
