You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The CDC unilaterally reduced the permissions of the role assigned to our GitHub deployer and our user accounts. We need to work with the CDC to understand why this was done, push back if we can, and subsequently modify our Terraform depending on the discussions with the CDC.
Completion Criteria
We come to a conclusion of having our permissions restored in some form or fashion or not.
Our Terraform is updated to remove items from management that we can no longer modify.
Tasks
Research what has been impacted by this priviledge change (other than our NSGs). - @halprin
CDC wants to own route tables, network security groups, and peering settings
For envs where these resources already exist, we'll need to remove them from terraform state and convert them in our TF from resources to data sources (removing them from state tells TF we're not managing those and it shouldn't delete them). By using the Azure Portal Cloud Shell, we can interact with the Terraform CLI while logged in as ourselves (this will be the easiest way to manage this stuff for the -SU accounts). Clone our repo, CD into our TF directories, terraform init, then run commands to remove the relevant resources
For envs where these resources don't yet exist (prod for ingestion service), we'll need to submit a helpdesk ticket to get the relevant resources created. The naming convention will need to match our existing resources or else we'll have to have them recreate everything, which is much riskier
Backlog Task
The CDC unilaterally reduced the permissions of the role assigned to our GitHub deployer and our user accounts. We need to work with the CDC to understand why this was done, push back if we can, and subsequently modify our Terraform depending on the discussions with the CDC.
Completion Criteria
Tasks
Other Notes
The text was updated successfully, but these errors were encountered: