From e0bb404397ab9cae9e951af0bacdbe64d1e7ed09 Mon Sep 17 00:00:00 2001 From: Sarah Gibson Date: Wed, 6 Dec 2023 12:18:51 +0000 Subject: [PATCH 1/2] Add documentation about regeneration deployer creds for SMCE accounts --- docs/hub-deployment-guide/new-cluster/smce.md | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/docs/hub-deployment-guide/new-cluster/smce.md b/docs/hub-deployment-guide/new-cluster/smce.md index 5cc1d5c98b..0cc447fba2 100644 --- a/docs/hub-deployment-guide/new-cluster/smce.md +++ b/docs/hub-deployment-guide/new-cluster/smce.md @@ -48,3 +48,19 @@ the `hub-continuous-deployer` user belongs to. It should *not* contain the user Once this exemption has been processed, you can continue as usual with deployment of the hub. +## Preparing for routine regeneration of the `hub-continuous-deployer` access credentials + +The `hub-continuous-deployer` has an access key and secret associated with it, this is how it +authenticates with AWS to perform actions. SMCE accounts have a 60 day password/access key +regeneration policy and so we need to prepare to regularly regenerate this access key. + +We track which clusters have had their `hub-continuous-dpeloyer` access key regenerated +and when in this issue which +also includes the steps for regeneration. Make sure to add the new cluster to this issue. + +```{warning} +We only receive **5 days notice** that a password/access key will expire via email! + +Also it is unclear who receives this email: all engineers or just the engineer who +setup the cluster? +``` From 8d496b315beffcaedd09980ef225ac0cd95f3af8 Mon Sep 17 00:00:00 2001 From: Sarah Gibson <44771837+sgibson91@users.noreply.github.com> Date: Wed, 6 Dec 2023 16:03:01 +0000 Subject: [PATCH 2/2] fix typo Co-authored-by: Georgiana --- docs/hub-deployment-guide/new-cluster/smce.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/hub-deployment-guide/new-cluster/smce.md b/docs/hub-deployment-guide/new-cluster/smce.md index 0cc447fba2..59d243b03c 100644 --- a/docs/hub-deployment-guide/new-cluster/smce.md +++ b/docs/hub-deployment-guide/new-cluster/smce.md @@ -54,7 +54,7 @@ The `hub-continuous-deployer` has an access key and secret associated with it, t authenticates with AWS to perform actions. SMCE accounts have a 60 day password/access key regeneration policy and so we need to prepare to regularly regenerate this access key. -We track which clusters have had their `hub-continuous-dpeloyer` access key regenerated +We track which clusters have had their `hub-continuous-deployer` access key regenerated and when in this issue which also includes the steps for regeneration. Make sure to add the new cluster to this issue.