Avritt Rohwer

General plan: 1. Create a new `e2e-tests` AWS account under the root organization for the existing `Google.org Works` account. 2. Configure a `e2e-test-bot` IAM account with proper permission bindings to...

Will need to update the current [deployment docker file](https://github.com/civiform/cloud-deploy-infra/blob/main/cloud/cloud.Dockerfile). When running the setup command on amd64 the container fails with: ``` File "/cloud/aws/templates/aws_oidc/bin/aws_cli.py", line 31, in get_current_user res = self._call_cli('sts...

Yes I did not mean to close the entire issue. I meant to mark that the above comment has been resolved

Got a proof-of-concept working of running pgAdmin as a fargate task. Steps: 1. Create a new security group for the pgAdmin task. - Add an inbound rule to allow HTTP...

Arkansas has manually configured GuardDuty for now. Leaving this issue open to track support for GuardDuty setup through the deploy system.

Public documentation of the pgadmin command: https://github.com/civiform/docs/pull/208 Additional pgadmin user-friendliness change: https://github.com/civiform/cloud-deploy-infra/pull/88 Feature is now in maintenance mode

This was implemented in https://github.com/civiform/civiform/pull/3321

I am going to assume this issue is about providing a "CiviForm IT Admin" AWS IAM role that only has the permissions needed to deploy civiform resources

Or rather, create a "CiviForm ITAdmin" permissions policy that has all the permissions needed. Then that policy can be granted to specific IAM users or roles (like a role for...