Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use appropriate AWS credential to do the release #1067

Open
dadiorchen opened this issue Mar 31, 2023 · 0 comments
Open

Use appropriate AWS credential to do the release #1067

dadiorchen opened this issue Mar 31, 2023 · 0 comments
Assignees
@emmanue
Labels
AWS devops terraform

Comments

@dadiorchen
Copy link
Collaborator

dadiorchen commented Mar 31, 2023
edited
Loading

treetracker-admin-client/.github/workflows/build_and_release.yaml

Lines 161 to 163 in 6f2c57f

aws-access-key-id: ${{ secrets.AWS_KEY_ID_DADIOR }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_DADIOR }}
aws-region: us-east-1

In above code, we are using temporary secrets with too wide permission to do the s3 upload, we need use the correct ones :
AWS_SECRET
AWS_KEY_ID
AWS_KEY_ID_PROD (for prod env)
AWS_SECRET_PROD (for prod env)

The reason that we use temporary ones is because we need adjust the permission of these scretes above, check our terraform settings for this here:
https://github.com/Greenstand/treetracker-infrastructure/blob/fe6286893c467cc872afa5b7fbaf66d96107716e/aws_access/terraform/users.tf

In short, we need to replace the secrets with the name above, and make sure the github action is functional
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@emmanue emmanue

Labels
AWS devops terraform
Projects
Infrastructure
Status: In Progress
Milestone
No milestone
Development

No branches or pull requests
2 participants
@dadiorchen @emmanue