[Platformone] Switch over to new AWS RBAC
Adrian Nunez
adrian.nunez at bylight.com
Thu Dec 19 15:45:32 UTC 2019
I'd rather wait until I disable access to all the accounts. I see a lot of people that I suspect are no longer on the program. By disabling all the accounts those people will be purged.
We are better off waiting until tomorrow.
Get Outlook for Android<https://aka.ms/ghei36>
________________________________
From: Mark Nissley <mnissley at redhat.com>
Sent: Thursday, December 19, 2019 10:29:06 AM
To: Adrian Nunez <adrian.nunez at bylight.com>
Cc: platformONE at redhat.com <platformONE at redhat.com>; LASTRILLA, JETHRO S CTR USAF AFMC AFLCMC/HNCP <jethro.lastrilla.ctr at us.af.mil>; BRYAN, AUSTEN R Capt USAF AFMC AFLCMC/HNCP <austen.bryan.1 at us.af.mil>; DIROCCO, ROGER E GG-13 USAF AFMC ESC/AFLCMC/HNCP <roger.dirocco.4 at us.af.mil>; Goss, Andrew [Semper Valens Solutions (SVS)] <andrew.goss at accenturefederal.com>; CRISP, JOSHUA M GS-09 USAF AFMC AFLCMC/HNCP <joshua.crisp.2 at us.af.mil>
Subject: Re: Switch over to new AWS RBAC
[EXTERNAL EMAIL]
Adrian -
Could team members go ahead and call you in advance to get their new roles set up?
Mark NISSLEY, PMP, CSM, LEAN
PROGRAM MaNAGER & SR technical Project Manager
North American Consulting, Public Sector
<https://www.redhat.com/>
M: 850-530-3234
[https://marketing-outfit-prod-images.s3-us-west-2.amazonaws.com/f5445ae0c9ddafd5b2f1836854d7416a/Logo-RedHat-Email.png]<https://www.redhat.com/>
Scheduled PTO: Dec 23 - Jan 03
On Thu, Dec 19, 2019 at 9:18 AM Adrian Nunez <adrian.nunez at bylight.com<mailto:adrian.nunez at bylight.com>> wrote:
I am going to disable everyone's AWS accounts after the meeting Friday. Please contact me in order to set up your account again. This setup will include MFA and POC information. My contact info is Adrian.nunez at bylight.com<mailto:Adrian.nunez at bylight.com> and my phone is 571-230-5289.
Please be ready to answer the following questions:
· What team are you on?
· What is your Role in UP?
· What will your daily activities consist of?
· How long will you need access?
· What is your experience with AWS?
V/R
Adrian
Get Outlook for Android<https://aka.ms/ghei36>
________________________________
From: Mark Nissley <mnissley at redhat.com<mailto:mnissley at redhat.com>>
Sent: Thursday, December 19, 2019 10:02:02 AM
To: platformONE at redhat.com<mailto:platformONE at redhat.com> <platformONE at redhat.com<mailto:platformONE at redhat.com>>
Cc: Adrian Nunez <adrian.nunez at bylight.com<mailto:adrian.nunez at bylight.com>>
Subject: Switch over to new AWS RBAC
[EXTERNAL EMAIL]
Team -
There is some urgency to switch over to the new AWS RBAC model. While this holds some risk, it is necessary and must be done as soon as possible. We will not initiate this action until AFTER the meeting with Nic tomorrow in which we will review the IATT package. If significant and immediate actions come out of that we will reevaluate the RBAC timeline.
In the meantime, please take a few minutes to review the notes and actions below from Adrian, who is leading that effort:
"Unfortunately the state of the AWS Account and Users are going to require me to disable accounts and have people call me to set their new account up. There are a lot of users without an MFA, never logged in, no point of contact email, no tags, and I think some users are no longer on the program.
What we can do is leave Jonny and Chris [Chris is on PTO so I'd propose Dino in this spot as he will be working over the break] with full admin temporarily in case there is something needed by the Platform1 team in the short term. I can also set a target date of 3 Jan to remove their full admin privileges. As full admins they will be able to utilize any AWS service needed by the Platform1 Team. I would ask them to not change anything in IAM as far as the RBAC is concerned. If the Platform1 team needs access to a specific AWS service I can review and possibly change their permissions in the RBAC policies."
PLEASE NOTE: this will require action from everyone to set up a new account.
Mark NISSLEY, PMP, CSM, LEAN
PROGRAM MaNAGER & SR technical Project Manager
North American Consulting, Public Sector
<https://www.redhat.com/>
M: 850-530-3234
[https://marketing-outfit-prod-images.s3-us-west-2.amazonaws.com/f5445ae0c9ddafd5b2f1836854d7416a/Logo-RedHat-Email.png]<https://www.redhat.com/>
Scheduled PTO: Dec 23 - Jan 03
This communication (including any attachments) may contain information that is proprietary, confidential or exempt from disclosure. If you are not the intended recipient, please note that further dissemination, distribution, use or copying of this communication is strictly prohibited. Anyone who received this message in error should notify the sender immediately by telephone or by return email and delete it from his or her computer.
This communication (including any attachments) may contain information that is proprietary, confidential or exempt from disclosure. If you are not the intended recipient, please note that further dissemination, distribution, use or copying of this communication is strictly prohibited. Anyone who received this message in error should notify the sender immediately by telephone or by return email and delete it from his or her computer.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/platformone/attachments/20191219/58348ce0/attachment.htm>
More information about the platformONE
mailing list