On 17/10/2024 09:25, Pavel Raiskup via infrastructure wrote:
Hello team,I now realized that we have these files: files/aws/iam/policies/ files/aws/iam/policies/fcos-builds-releng.json files/aws/iam/policies/robosignatory-fcos-devel.json files/aws/iam/policies/fcos-upload-amis.json files/aws/iam/policies/fedora-infra-ec2.json files/aws/iam/policies/fedora-centos-ec2.json files/aws/iam/policies/fcos-poc-artifacts.json files/aws/iam/policies/fedora-copr-ec2.json These seem to be some initial copies of the policy file, and are probably staled. I'm curious whether we are interested in making the policies maintained from batcave - via IAM API. If so, I think I could help with the ansible.git changes (but I think I'd need more EC2 privileges to tweak the policies). Pavel
Interesting as for CentOS it's not managed by Fedora infra ansible git so before you do anything, please ensure that the "fedora-centos-ec2.json" policy is removed from ansible git (as it's not the current version anyway) and that it wouldn't remove other existing centos* IAM policies :-)
-- Fabian Arrotin gpg key: 17F3B7A1
OpenPGP_0xA25DBAFB17F3B7A1.asc
Description: OpenPGP public key
OpenPGP_signature.asc
Description: OpenPGP digital signature
-- _______________________________________________ infrastructure mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
