diff --git a/docs/2.0/docs/pipelines/tutorials/deploying-to-aws-gov-cloud.md b/docs/2.0/docs/pipelines/tutorials/deploying-to-aws-gov-cloud.mdx similarity index 99% rename from docs/2.0/docs/pipelines/tutorials/deploying-to-aws-gov-cloud.md rename to docs/2.0/docs/pipelines/tutorials/deploying-to-aws-gov-cloud.mdx index 40f916d47..7b2f7ca07 100644 --- a/docs/2.0/docs/pipelines/tutorials/deploying-to-aws-gov-cloud.md +++ b/docs/2.0/docs/pipelines/tutorials/deploying-to-aws-gov-cloud.mdx @@ -5,6 +5,7 @@ import Tabs from "@theme/Tabs" import TabItem from "@theme/TabItem" In this tutorial, we will guide you through deploying an AWS S3 bucket to AWS GovCloud using Gruntwork Pipelines. + ## What you'll get By the end of this tutorial, you will have: diff --git a/docs/2.0/docs/pipelines/tutorials/deploying-your-first-infrastructure-change.mdx b/docs/2.0/docs/pipelines/tutorials/deploying-your-first-infrastructure-change.mdx index e3af1b485..4b4e7acaf 100644 --- a/docs/2.0/docs/pipelines/tutorials/deploying-your-first-infrastructure-change.mdx +++ b/docs/2.0/docs/pipelines/tutorials/deploying-your-first-infrastructure-change.mdx @@ -31,6 +31,18 @@ This section covers creating a cloud storage resource using Pipelines and GitOps +:::caution Permissions Required + +By default, Pipelines is configured with the permissions needed to complete this tutorial. However, depending on your specific setup, you may need to adjust the IAM roles used by Pipelines to ensure they have the necessary permissions. + +The default Pipelines role has permissions to create S3 buckets with names that start with `test-pipelines-`. If you want to use a different bucket name, you may need to update the IAM policy accordingly. + +:::tip +The default `bootstrap` Terragrunt stack provided in the installation guide includes `plan_iam_policy` and `apply_iam_policy` values that can be configured to adjust the permissions granted to Pipelines. +::: + +::: + 1. Create the folder structure for the new S3 bucket in your environment. Replace with the account name you are deploying to and with the AWS region where the S3 bucket will be deployed. ```bash @@ -59,7 +71,7 @@ This section covers creating a cloud storage resource using Pipelines and GitOps } include "root" { - path = find_in_parent_folders() + path = find_in_parent_folders("root.hcl") } inputs = { @@ -70,6 +82,16 @@ This section covers creating a cloud storage resource using Pipelines and GitOps +:::caution Permissions Required + +By default, Pipelines is configured with the permissions needed to complete this tutorial. However, depending on your specific setup, you may need to adjust the role used by Pipelines to ensure it has the appropriate permissions to create Resource Groups and Storage Accounts in your subscription. + +:::tip +The default `bootstrap` Terragrunt stack provided in the installation guide includes `plan_custom_role_actions` and `apply_custom_role_actions` values that can be configured to adjust the permissions granted to Pipelines. +::: + +::: + 1. Create the folder structure for the new Resource Group and Storage Account in your environment. Replace with the subscription name you are deploying to, with the Azure location where the resources will be deployed, and with your desired resource group name. ```bash diff --git a/docs/2.0/docs/pipelines/tutorials/destroying-infrastructure.mdx b/docs/2.0/docs/pipelines/tutorials/destroying-infrastructure.mdx index dc7c86117..00265d936 100644 --- a/docs/2.0/docs/pipelines/tutorials/destroying-infrastructure.mdx +++ b/docs/2.0/docs/pipelines/tutorials/destroying-infrastructure.mdx @@ -30,6 +30,18 @@ This section explains how to destroy cloud resources using Pipelines and GitOps +:::caution Permissions Required + +By default, Pipelines is configured with the permissions needed to complete this tutorial. However, depending on your specific setup, you may need to adjust the IAM roles used by Pipelines to ensure they have the necessary permissions to destroy resources. + +The default Pipelines role has permissions to delete S3 buckets with names that start with `test-pipelines-`. If you're destroying resources with different naming conventions, you may need to update the IAM policy accordingly. + +:::tip +The default `bootstrap` Terragrunt stack provided in the installation guide includes `plan_iam_policy` and `apply_iam_policy` values that can be configured to adjust the permissions granted to Pipelines. +::: + +::: + 1. Remove the folder containing the infrastructure code for the resource you want to destroy. For the S3 bucket example, delete the folder containing the S3 bucket code. Replace and with the appropriate values. ```bash @@ -41,6 +53,16 @@ This section explains how to destroy cloud resources using Pipelines and GitOps +:::caution Permissions Required + +By default, Pipelines is configured with the permissions needed to complete this tutorial. However, depending on your specific setup, you may need to adjust the role used by Pipelines to ensure it has the appropriate permissions to delete Resource Groups and Storage Accounts in your subscription. + +:::tip +The default `bootstrap` Terragrunt stack provided in the installation guide includes `plan_custom_role_actions` and `apply_custom_role_actions` values that can be configured to adjust the permissions granted to Pipelines. +::: + +::: + 1. Remove the folder containing the infrastructure code for the resources you want to destroy. For the Resource Group and Storage Account example, delete the folder containing all the resource group code. Replace , , and with the appropriate values. ```bash