New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

doc(databases): add note re database access #184

Merged
merged 7 commits into from Oct 11, 2018

Conversation

Projects
None yet
3 participants
@crimeminister
Contributor

crimeminister commented Oct 1, 2018

Overview

There's no guidance as to the preferred route for accessing a database instance once provisioned. Add one.

Details

  • adds a simple suggestion as to the preferred means of accessing a database hosted on AWS

Meta

  • provided a descriptive topic and overview of contribution
  • documentation format follows the [topic template][template]
  • fork is up to date (Hint: ["Syncing a Fork"][guide-forks])
  • "work in progress" commits are squashed (Hint: ["Squashing Commits"][guide-squash])
  • commits follow the [Conventional ChangeLog][conventional-changelog] format
  • no sensitive content included, such as:
    • content considered competitive intelligence
    • security & privacy policy violating content
    • keys, tokens or credentials

@crimeminister crimeminister requested review from pdufault and ahmadnassri Oct 1, 2018

@crimeminister crimeminister requested a review from telus/architecture-support as a code owner Oct 1, 2018

@crimeminister crimeminister requested a review from tavogel Oct 2, 2018

crimeminister added some commits Oct 2, 2018

@tavogel

IAM user != db user

- Select the "Terminal" tab to launch a terminal inside the running pod
- Once the shell spawns, run `psql` to begin your session
Please note: you'll need to create an IAM user to obtain access to your database instance(s). This is accomplished by adding an entry to the [Data VPC IAM](https://github.com/telus/terraform-openshift-datavpc-iam) repository. Once provisioned, the credentials for this IAM account can be used to connect to the database.

This comment has been minimized.

@tavogel

tavogel Oct 3, 2018

Contributor

The IAM user gives you access to the AWS project, via their CLI & UI. It's useful for monitoring whatever instances you create (e.g. look at RDS metrics).

This IAM user is not used for database access. To access the DB, the username/PW is as specified in the datavpc-main/sandbox terraform file. We do ask that users poke us to manually snowflake in a new password...

See here:
https://github.com/telus/terraform-openshift-datavpc-main#passwords
https://github.com/telus/delivery/blob/master/playbooks/aws-changing-rds-password.md

This comment has been minimized.

@crimeminister

crimeminister Oct 3, 2018

Contributor

Made some updates accordingly. Thanks for helping me get it straight.

crimeminister added some commits Oct 3, 2018

@crimeminister

This comment has been minimized.

Contributor

crimeminister commented Oct 3, 2018

@billxinli Did I miss anything?

@tavogel

tavogel approved these changes Oct 3, 2018

@kspaans kspaans merged commit c68b5e2 into master Oct 11, 2018

2 checks passed

continuous-integration/travis-ci/pr The Travis CI build passed
Details
continuous-integration/travis-ci/push The Travis CI build passed
Details

@delete-merged-branch delete-merged-branch bot deleted the best-practice-db-access branch Oct 11, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment