-
Notifications
You must be signed in to change notification settings - Fork 3
Conversation
Rakefile
Outdated
@@ -98,7 +98,7 @@ end | |||
desc 'Configure the remote state location' | |||
task configure_s3_state: [:validate_environment, :purge_remote_state] do | |||
region = 'eu-west-1' | |||
bucket_name = "govuk-terraform-state-#{deploy_env}" | |||
bucket_name = "cjr-govuk-terraform-state-#{deploy_env}" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Make sure we don't merge this in!
We use totally separate accounts for different "environments", so the GOV.UK Test account has a totally different set of credentials for the GOV.UK Integration account. The test account is just that, for testing so feel free to use that to deploy from your laptop etc. The GOV.UK Integration account should ideally be deployed using the Jenkins job. Same goes for Staging and Production.
Puppet. Create the environment variables and get the app to read them in, and then add the secret keys in our credentials store. |
Where do I find the credentials for the test account, @surminus?
I should be OK to add the environment variables to Puppet but where/what is the "credentials store"? |
|
@surminus: I can see that the access and secret keys of my created IAM user end up in the terraform-asset-manager.tfstate file that's stored on S3. Do we manually copy them from there and paste them into the environment specific hieradata? |
We're updating the Asset Manager app to store and serve files from AWS S3. This commit adds an asset-manager project to configure the S3 bucket for file storage and the IAM user that can read/write files in that bucket.
0d8af46
to
c46e148
Compare
Hi @surminus. I've tidied this PR and am now ready for a review in order to get it merged. Is that something you can do or should I ask someone else? |
We're enhancing Asset Manager to upload files to, and serve files from S3. This PR sets the AWS environment variables required by Asset Manager. We're safe to use the standard AWS environment variable names because we rely on `govuk_setenv` to provide each application with its own environment. See the related PRs in asset-manager and govuk-terraform-provisioning: * alphagov/asset-manager#74 * alphagov/govuk-terraform-provisioning#125
We're enhancing Asset Manager to upload files to, and serve files from S3. This PR sets the AWS environment variables required by Asset Manager. We're safe to use the standard AWS environment variable names because we rely on `govuk_setenv` to provide each application with its own environment. See the related PRs in asset-manager and govuk-terraform-provisioning: * alphagov/asset-manager#74 * alphagov/govuk-terraform-provisioning#125
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this looks OK 👍
Thanks @surminus. I'm going to get this merged. |
We're updating the Asset Manager app to store and serve files from AWS
S3. This commit adds an asset-manager project to configure the S3 bucket
for file storage and the IAM user that can read/write files in that
bucket.