On čtvrtek 17. října 2024 14:11:26, SELČ Fabian Arrotin via infrastructure wrote: > On 17/10/2024 09:25, Pavel Raiskup via infrastructure wrote: > > Hello team, > > > > I now realized that we have these files: > > > > files/aws/iam/policies/ > > files/aws/iam/policies/fcos-builds-releng.json > > files/aws/iam/policies/robosignatory-fcos-devel.json > > files/aws/iam/policies/fcos-upload-amis.json > > files/aws/iam/policies/fedora-infra-ec2.json > > files/aws/iam/policies/fedora-centos-ec2.json > > files/aws/iam/policies/fcos-poc-artifacts.json > > files/aws/iam/policies/fedora-copr-ec2.json > > > > These seem to be some initial copies of the policy file, and are > > probably staled. I'm curious whether we are interested in making the > > policies maintained from batcave - via IAM API. If so, I think I could > > help with the ansible.git changes (but I think I'd need more EC2 > > privileges to tweak the policies). > > > > Pavel > > > > Interesting as for CentOS it's not managed by Fedora infra ansible git And shouldn't it be? How do you maintain it, could we learn from you in how to do this task properly? > so before you do anything, please ensure that the > "fedora-centos-ec2.json" policy is removed from ansible git (as it's > not the current version anyway) and that it wouldn't remove other > existing centos* IAM policies :-) Sure, that probably applies to all of the policy files. Well, I was hoping that we could do the "EC2 => ansible.git" sync first. But don't be afraid to be faster than I am and remove! ;-) Pavel > -- > Fabian Arrotin > gpg key: 17F3B7A1 > >
Attachment:
signature.asc
Description: This is a digitally signed message part.
-- _______________________________________________ infrastructure mailing list -- infrastructure@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to infrastructure-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/infrastructure@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
