Goals:
Be able to run the README instructions for local testing.
Be able to deploy/maintain if Jason gets hit by a bus.
Know what AWS creds are used so we can remove any unnecessary ones.
This is what I did for the asterisk server, I'm not saying it's good, but I was able to understand what to do after forgetting everything: https://github.com/futel/asteriskserver/blob/main/README-aws.md
I was able to run the data collection on a test instance by creating an AWS administrator type user, but this is overkill, I'd like to create a user that has read-only access whenever possible, and I want us to be able to know what is needed and blow away all unnecessary users and creds whenever we want without breaking anything.
I am not so worried about correctness, for example there are complicated ways to make temporary creds that I don't understand. And I'm not worried about proper deployment, if the deployment docs say "get the creds that are in the relevant README", that is OK.
Goals:
Be able to run the README instructions for local testing.
Be able to deploy/maintain if Jason gets hit by a bus.
Know what AWS creds are used so we can remove any unnecessary ones.
This is what I did for the asterisk server, I'm not saying it's good, but I was able to understand what to do after forgetting everything: https://github.com/futel/asteriskserver/blob/main/README-aws.md
I was able to run the data collection on a test instance by creating an AWS administrator type user, but this is overkill, I'd like to create a user that has read-only access whenever possible, and I want us to be able to know what is needed and blow away all unnecessary users and creds whenever we want without breaking anything.
I am not so worried about correctness, for example there are complicated ways to make temporary creds that I don't understand. And I'm not worried about proper deployment, if the deployment docs say "get the creds that are in the relevant README", that is OK.