Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Correct AWS Terraform arch to contain correct S3 permissions #12968

Merged
merged 1 commit into from
Sep 21, 2022
Merged

Conversation

mrzarquon
Copy link
Contributor

Description

When I removed the global access to fix #12964 it exposed the fact that our IAM permissions weren't correct to just use the S3 bucket.

Attaches correct permissions to the IAM user to have correct level of access to just the single S3 bucket we create for that user.

@mrzarquon mrzarquon requested a review from a team September 14, 2022 14:08
@github-actions github-actions bot added the team: delivery Issue belongs to the self-hosted team label Sep 14, 2022
@easyCZ
Copy link
Member

easyCZ commented Sep 15, 2022

/hold werft status is not being reported and this is blocking merge queue

@adrienthebo
Copy link
Contributor

adrienthebo commented Sep 15, 2022

/werft run

👍 started the job as gitpod-build-mrz-fix-s3.1
(with .werft/ from main)

@mrsimonemms
Copy link
Contributor

mrsimonemms commented Sep 16, 2022

/werft run

👍 started the job as gitpod-build-mrz-fix-s3.2
(with .werft/ from main)

@nandajavarma
Copy link
Contributor

This branch might need a rebase with main @mrzarquon

@mrzarquon mrzarquon requested review from a team September 21, 2022 08:07
@github-actions github-actions bot added team: IDE team: devx team: webapp Issue belongs to the WebApp team team: workspace Issue belongs to the Workspace team labels Sep 21, 2022
@roboquat roboquat removed the size/M label Sep 21, 2022
@github-actions
Copy link
Contributor

⚠️ Hey reviewer! BE CAREFUL ⚠️
Review the code before opening in your Gitpod. .gitpod.yml was changed and it might be harmful.

…at our IAM permissions weren't correct to just use the S3 bucket.

```release-note
Attaches correct permissions to the IAM user to have correct level of access to just the single S3 bucket we create for that user.
```
@mrzarquon mrzarquon removed the request for review from a team September 21, 2022 09:32
@mrzarquon mrzarquon removed team: webapp Issue belongs to the WebApp team team: workspace Issue belongs to the Workspace team team: IDE team: devx do-not-merge/hold labels Sep 21, 2022
@roboquat roboquat merged commit ef810e4 into main Sep 21, 2022
@roboquat roboquat deleted the mrz/fix_s3 branch September 21, 2022 14:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
release-note size/S team: delivery Issue belongs to the self-hosted team
Projects
No open projects
Development

Successfully merging this pull request may close these issues.

AWS Terraform Ref Arch is too permissive
6 participants