Add policy statement for opensearch service
#187
Conversation
sebastien-rosset
changed the title
opensearch serviceopensearch service
|
In which group should the |
|
@sebastien-rosset let's wait for @jillr's feedback. |
|
@jillr , @alinabuzachis , how can I make progress with this? It's not possible to test without having the right permissions. |
@sebastien-rosset We need to wait for @jillr's suggestion. They generally do the triage on this repo on Thursday. I will try to ask and let you know. Thank you. |
|
As long as we can bring the policy under the character limit data-services is the closest IMO. If not, @alinabuzachis we might need to refactor the policies again. :) Describe and List actions can be added as wildcards for any AWS services that do not affect security (ie; IAM or STS). So some of these can be condensed to |
|
Since this is the first time we're enabling opensearch, we will also need a class added to the terminator: https://github.com/mattclay/aws-terminator/blob/master/aws/terminator/data_services.py |
sebastien-rosset
force-pushed
the
opensearch
branch
from
b677f4a
to
6493fe8
Compare
sebastien-rosset
force-pushed
the
opensearch
branch
from
6efbdef
to
d9cb5fa
Compare
|
@jillr , is this what you were looking for? |
|
I posted on the associated PR, but just to add here, I don't think we should merge these changes at this time. Our CI constraints would currently prevent us from being able to run a test suite that spans several hours. |
Add 'opensearch' and 'opensearch_info' modules SUMMARY Add opensearch module to create/update AWS OpenSearch/Elasticsearch domains. Add opensearch_info module to query AWS OpenSearch/Elasticsearch domains. Fixes #858 Requires mattclay/aws-terminator#187 ISSUE TYPE New Module Pull Request COMPONENT NAME Creates OpenSearch or ElasticSearch domain. ADDITIONAL INFORMATION The minimum version of botocore for these modules is 1.21.38. The integration tests take more than 4 hours to execute. Tests time out in the CI. I was able to run the integration tests locally. Reviewed-by: Alina Buzachis <None> Reviewed-by: Sebastien Rosset <None> Reviewed-by: Mark Chappell <None> Reviewed-by: Markus Bergholz <git@osuv.de>
Add 'opensearch' and 'opensearch_info' modules SUMMARY Add opensearch module to create/update AWS OpenSearch/Elasticsearch domains. Add opensearch_info module to query AWS OpenSearch/Elasticsearch domains. Fixes ansible-collections#858 Requires mattclay/aws-terminator#187 ISSUE TYPE New Module Pull Request COMPONENT NAME Creates OpenSearch or ElasticSearch domain. ADDITIONAL INFORMATION The minimum version of botocore for these modules is 1.21.38. The integration tests take more than 4 hours to execute. Tests time out in the CI. I was able to run the integration tests locally. Reviewed-by: Alina Buzachis <None> Reviewed-by: Sebastien Rosset <None> Reviewed-by: Mark Chappell <None> Reviewed-by: Markus Bergholz <git@osuv.de>
Add 'opensearch' and 'opensearch_info' modules SUMMARY Add opensearch module to create/update AWS OpenSearch/Elasticsearch domains. Add opensearch_info module to query AWS OpenSearch/Elasticsearch domains. Fixes ansible-collections#858 Requires mattclay/aws-terminator#187 ISSUE TYPE New Module Pull Request COMPONENT NAME Creates OpenSearch or ElasticSearch domain. ADDITIONAL INFORMATION The minimum version of botocore for these modules is 1.21.38. The integration tests take more than 4 hours to execute. Tests time out in the CI. I was able to run the integration tests locally. Reviewed-by: Alina Buzachis <None> Reviewed-by: Sebastien Rosset <None> Reviewed-by: Mark Chappell <None> Reviewed-by: Markus Bergholz <git@osuv.de>
Add policy for PR ansible-collections/community.aws#859
Not ready for review yet.