Cloudtrail config updates for HydroVis #1004
Comments
|
NOAA-CASB-CloudTrail and aws-controltower-BaselineCloudTrail are managed by OCIO WOC |
|
So codepipeline-source-trail, noaa-nws-hydrovis-cloudtrail and nwc-noaa-hydrovis-dev can be deleted? |
|
Have to contact [email protected] and [email protected] for RO access to aws-controltower-BaselineCloudTrail and NOAA-CASB-CloudTrail |
|
Will work with WOC to update the config. |
|
Created RITM0327068 for WOC |
15 tasks
|
Is this ticket completed now? |
|
Deletion on our side is for the cloudtrails are done.
We are awaiting update from WOC on us being granted RO access to their Cloudtrail configuration which we might need for auditing and reversibility.
Drix Tabligan
GAMA-1 Technologies
SDB | ISO 20000 | ISO 9001 | ISO 27001
Operations | +1 (443) 538-7058
***@***.*** | www.gama1tech.com
7500 Greenway Center Drive, STE 400, Greenbelt, MD 20770
IMPORTANT: The contents of this email and any attachments are confidential. They are intended for the named recipient(s) only. If you have received this email by mistake, please notify the sender immediately and do not disclose the contents to anyone or make copies thereof.
Join our Team!
…On Dec 6, 2024 at 11:40 AM -0500, derekgiardino-noaa ***@***.***>, wrote:
Is this ticket completed now?
—
Reply to this email directly, view it on GitHub, or unsubscribe.
You are receiving this because you were assigned.Message ID: ***@***.***>
|
|
All trails have been deleted and following S3 buckets have been deleted:
I think we should create separate ticket to track access to CloudTrail bucket. @derekgiardino I think request to access CloudTrail has to be initiated by a Fed. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
From chat:
Morning @diwakar puthalapat - NOAA Affiliate - got a question when you get the chance to reply (I know you are in reinvent)... YTD we have paid over $30k for cloudtrail in hydrovis dev. looks like there have been manually configured cloudtrails which are not part of the terraform deployment.
I tried deleting trails not common to all three environments with the assumption that these were put in manually. however, looks like my role/privileges do not have rights to delete them. looking at the individual configs it seems that they are just duplications of the other.
there's a couple of common trails NOAA-CASB-Cloudtrail and aws-controltower-BaselineCloudTrail which should suffice I assume. However, for audit purposes, if we need access to these to view cloudtrail logs, same account does not have privileges to view.
would you mind taking a look at both of these?
The text was updated successfully, but these errors were encountered: