modernisation-platform icon indicating copy to clipboard operation
modernisation-platform copied to clipboard

Published 20 hours ago verified publisher icon ministryofjustice

New IAM role for running Ansible in a Github Action via SSM.

Open ep-93 opened this issue 1 year ago • 2 comments

Request - https://mojdt.slack.com/archives/C01A7QK5VM1/p1678789323337849

User Story

As a mod platform user i want to be able to run ansible in a github action runner via SSM so that we can apply configuration changes after instances are provisioned and throughout their lifecycle.

Value

Requested so that that the same process can be used for windows and linux instances.

Unknowns

The full list of permissions are not known, but definitely

ec2:DescribeInstances ssm:StartSession

and some s3 permissions

Definition of done

  • [ ] readme has been updated
  • [ ] user docs have been updated
  • [ ] another team member has reviewed
  • [ ] tests are green
  • [ ] UR test OR added to continual research plan

Reference

How to write good user stories

ep-93 avatar Mar 14 '23 11:03 ep-93

Arrange follow up with Jon to understand this process more @seanprivett

seanprivett avatar Mar 30 '23 10:03 seanprivett

@davidkelliott is this solved by your ADR on ???

SimonPPledger avatar Jul 06 '23 10:07 SimonPPledger

do we still need this?

SimonPPledger avatar Jul 20 '23 10:07 SimonPPledger

I'll chase this up to see if it is still required, also https://github.com/ministryofjustice/modernisation-platform/issues/3935

ep-93 avatar Aug 17 '23 10:08 ep-93