-
-
Notifications
You must be signed in to change notification settings - Fork 9
DevOps Roadmap
Alex English edited this page Oct 16, 2025
·
1 revision
- how to set up new projects in incubator
- example github actions
- data (secrets, S3 objects, etc) should only be able to be read by project users
- same for write, different group
- devops is different, read/write/admin for all projects
- access level and project tags don't make sense, use IAM groups instead
- have special tags for things that cannot be managed by terraform (s3 backend, dynamodb etc)
- do some kind of documented way of figuring out what's not in terraform (tag editor, etc)
- need a better way to deal with new user passwords and stale AWS accounts
- upon creation of a new IAM user, set password and send email to someone with their password and login instructions
- if someone creates an account then doesn't log in for 30 days, account is flagged for removal
- send messages to a slack channel for events:
- if service has gone down
- if cpu or memory usage is out of control