On 03/09/2023 20:59, Miroslav Suchý wrote:
According our SOP
https://docs.fedoraproject.org/en-US/infra/sysadmin_guide/aws-access/#_role_...
Users MUST tag resources with their FedoraGroup tag within one day, or the resource may be removed.
Hi Miroslav,
Thanks for the pointer, as I wasn't really aware of the *need* for that tag but I'll tag all *centos.org resources in that shared fedora/centos account to have the missing FedoraGroup=centos tag/value.
BTW, just quickly checked the Fedora Communityshift Openshift cluster (so volumes, EFS, ec2, load-balancers, etc) and none is tagged with FedoraGroup=fedora :-)
@Kevin : what about we try to have a common set of AWS rules/policies/SOPs for both project sharing resources within one or two accounts and review/audit also permissions, rules, ACLs, etc ?