[EPIC] DevOps Migrate infra to shared H4LA AWS account

[nichhk]

Summary

We want to move our infra off our private AWS account onto the shared H4LA AWS account. This will help us to be aligned with H4LA best practices. Additionally, we cannot modify our existing infra because SSH keys and configs to the private AWS account have been lost.

Required Issues

• [ ] Determine how to structure new AWS (sub)account for 311 Data within H4LA's greater AWS setup (TODO: Bonnie)
• [ ] Test existing Terraform config using new AWS account. This will bring up the backend infra components only; frontend components are individually and manually configured on AWS.
• [ ] Make any simplifications to the infra, if possible
• [ ] Bring up frontend components
• [ ] Point prod and dev 311 Data sites to new AWS services

Resources/Instructions

system design

[EchoProject]

I have a meeting with Bonnie and Jason this Sunday (10/9/2022). I'll leave notes from the meeting here.

This meeting was rescheduled to accommodate having 311-Data engineers in attendance.

[EchoProject]

Some notes from my conversation with Jason:

• Hack for LA currently has 3 AWS accounts. Jason owns and manages 1 AWS account that hosts 9 projects.
• He doesn't know who the other owners are, and it's possible that 311-Data's current instance is one of the accounts.
• 311-Data has outgrown (traffic and underlying AWS infra) participation in being hosted with Jason's AWS account.
• The major challenge with the migration is updating 311-Data's infrastructure to meet the needs of AWS' newer hardware.
• The estimated lift is 6+ months of engineering work.
• The suggested route is to create an instance to build and test infra migration and then merge it into a paid instance.
• Bonnie currently pays out-of-pocket for all AWS accounts. Minimizing this spend is a priority. Having two active accounts should be avoided.
• While Jason won't have the bandwidth to make the changes, he's open to assisting with questions regarding AWS.