Obfuscation

Author: derailed-dash

Diff for: app/app-template.yaml

@@ -1,4 +1,4 @@
-runtime: python37
+runtime: python39
 
 service: ${SITE}
 

Diff for: config.toml

@@ -27,5 +27,3 @@ pygmentCodeFences = true
   gitlab = "username"
   github = "darren-lester-epam"
   linkedin = "username"
-  stackoverflow = "users/XXXXXXX/username"
-  youtube = "user/username" # or channel/channelname

Diff for: content/epam-lz/Decision Records/_index.md renamed to content/lz/Decision Records/_index.md

@@ -7,6 +7,6 @@ chapter: true
 
 # {{< param title >}}
 
-Decision records relating to the LZiiB platform.  This includes various decisions made as part of LZiiB v1 and LZiiB Evolution.
+Decision records relating to the LZiiB platform.
 
 {{<children>}}

Diff for: content/epam-lz/_index.md renamed to content/lz/_index.md

@@ -1,6 +1,6 @@
 ---
-title: "EPAM LZ-in-a-Box (LZiiB)"
-menuTitle: "EPAM LZ-in-a-Box"
+title: "Lanzing Zone-in-a-Box (LZiiB)"
+menuTitle: "LZ-in-a-Box"
 weight: 10
 chapter: true
 ---

Diff for: content/epam-lz/design-overview.md renamed to content/lz/design-overview.md

@@ -61,7 +61,7 @@ This allows **management and security policies to be applied top down** at any l
 
 Notes on this hierarchy:
 
-- The standard **naming convention** for a project is `epam-ecp-{tier}-{tenant}-{project_name}`
+- The standard **naming convention** for a project is `some-org-ecp-{tier}-{tenant}-{project_name}`
 - The `tier` can be one of `prod`, `flex` = i.e. any non-production environment, or `sbox` = sandbox
 - Ultimately, all resources in GCP are deployed into Google Cloud `projects`.
   - The project is the **basic unit of organisation** of GCP resources.
@@ -89,7 +89,7 @@ Notes on this hierarchy:
 
 LZiiB uses a **hub-and-spoke** network architecture:
 
-- **A _common VPC_ network acts as the _hub_**, and hosts centralised networking and security resources. This includes private IP connectivity, via the SLA-backed, high-bandwidth / low-latency _Interconnect_, to the EPAM on-premises network.
+- **A _common VPC_ network acts as the _hub_**, and hosts centralised networking and security resources. This includes private IP connectivity, via the SLA-backed, high-bandwidth / low-latency _Interconnect_, to the some-org on-premises network.
 - **Tenant projects will have their own _spoke_ VPC network.** Thus, tenants have full automonmy and control over resources deployed within their own VPC.
 - Tenants may be _peered_ to the hub shared VPC network. This is how tenants can:
   - Obtain private connectivity to the on-premises network (if appropriate).
@@ -133,7 +133,7 @@ However, deployment across multiple zones within a single region is insufficient
 
 ### Outbound Internet Connectivity
 
-Outbound connectivity from Google resources to the Internet is routed through EPAM Zscaler VPN. This allows centralised application of security controls.
+Outbound connectivity from Google resources to the Internet is routed through some-org Zscaler VPN. This allows centralised application of security controls.
 
 ### Inbound Connectivity from the Internet
 

Diff for: content/epam-lz/onboarding/_index.md renamed to content/lz/onboarding/_index.md

@@ -48,7 +48,7 @@ Here are some general tips for keeping costs under control, when using Google Cl
 
 All deployed Google Cloud resources are attributed to a single project. Consequently, **project costs are accumulated at the project level**. All these projects are ultimately associated with a **billing account** that is the responsibility of the LZiiB Service Owner.
 
-The day-to-day management, analysis and reporting of our billing account is managed by **AppsBroker**, who EPAM have contracted with to provide Financial Operations expertise in GCP. 
+The day-to-day management, analysis and reporting of our billing account is managed by **AppsBroker**, who some-org have contracted with to provide Financial Operations expertise in GCP. 
 
 ### Cost Visibility
 
@@ -61,7 +61,7 @@ The day-to-day management, analysis and reporting of our billing account is mana
 
 ### Budget Alert Receivers
 
-In order to receive the programatic budget alerts for a project, users will need to hold the EPAM Budget Alert Receiver role on the relevant project(s). The role now works with inheritance so can either be held on the project itself or inherited from above. The role works with both individual accounts and Google groups.
+In order to receive the programatic budget alerts for a project, users will need to hold the some-org Budget Alert Receiver role on the relevant project(s). The role now works with inheritance so can either be held on the project itself or inherited from above. The role works with both individual accounts and Google groups.
 
 A list of budget alert receivers for a project will be gathered as part of the onboarding process but can be updated at any time by contacting the Cloud Team.
 
@@ -85,10 +85,10 @@ When deploying resources in your tenancy using the _project factory_ and _IaC_,
 
 |Label Name|Description|Possible Values|
 |----------|-----------|---------------|
-|epam_platform|Which top level platform is in use|LZiiB / Other|
-|epam_tenant|Your tenancy|Any|
-|epam_service|Project or service|Any|
-|responsible|EPAM Cost Centre|Any|
+|some-org_platform|Which top level platform is in use|LZiiB / Other|
+|some-org_tenant|Your tenancy|Any|
+|some-org_service|Project or service|Any|
+|responsible|some-org Cost Centre|Any|
 |layer|Whether prod, non-prod, or sandbox|prod / flex / sbox|
 
 In addition, you can add your own custom tenant labels to your resources. Specify any labels you want to use when you request your tenancy.  For example, you might consider labels such as:

Diff for: content/epam-lz/onboarding/cost-management.md renamed to content/lz/onboarding/cost-management.md

@@ -51,12 +51,12 @@ This typically refers to IaaS-type products. For example, Google Compute Engine
 
 To ensure that we always use secure, CIS-compliant, patched operating system images, we start by taking a standard [CIS-compliant](https://cloud.google.com/container-optimized-os/docs/how-to/cis-compliance) hardened [Shielded VM image](https://cloud.google.com/compute/shielded-vm/docs/shielded-vm) from Google.
 
-We then apply some additional EPAM configuration, using Hashicorp Packer.  The result is a CIS-compliant, EPAM _gold_ image for a given OS.
+We then apply some additional some-org configuration, using Hashicorp Packer.  The result is a CIS-compliant, some-org _gold_ image for a given OS.
 
 {{<mermaid align="left">}}
 graph LR
-    GImg[Google CIS-Compliant<br /> Shielded VM Image] -- Packer --> EPAMImg[EPAM CIS-Compliant<br />Gold Image]
-    EPAMImg -- Push --> GImgSt[Google Image Storage]
+    GImg[Google CIS-Compliant<br /> Shielded VM Image] -- Packer --> some-orgImg[some-org CIS-Compliant<br />Gold Image]
+    some-orgImg -- Push --> GImgSt[Google Image Storage]
 
     classDef default fill:#2874A6,stroke:#555,color:white;    
     linkStyle default fill:none,color:black;
@@ -66,11 +66,11 @@ This process is automatic through a CI/CD pipeline, resulting in our images bein
 
 #### Deploying Instances
 
-We are now able to build GCE instances (VMs) from our image.  On LZiiB, our security policy will only permit the use of _Shielded VM images_.  I.e. Google images that are already in the _Shielded_ category, or EPAM CIS-compliant gold images.
+We are now able to build GCE instances (VMs) from our image.  On LZiiB, our security policy will only permit the use of _Shielded VM images_.  I.e. Google images that are already in the _Shielded_ category, or some-org CIS-compliant gold images.
 
 {{<mermaid align="left">}}
 graph LR
-    GImg[EPAM/Google CIS-Compliant<br /> Shielded VM Image] -- "Deploy<br />instance" --> GCE[GCE Instance]
+    GImg[some-org/Google CIS-Compliant<br /> Shielded VM Image] -- "Deploy<br />instance" --> GCE[GCE Instance]
     GCE -- "Apply<br/> Startup Script" --> GCE_Ans[GCE Instance<br /> registered with Ansible]
     GCE_Ans -- "Apply<br/> agents and patches" --> GCE_Go[Instance<br />Ready for Use]
 

Diff for: content/epam-lz/onboarding/design-docs.md renamed to content/lz/onboarding/design-docs.md

@@ -23,7 +23,7 @@ The Cloud Platform Team will not provide ongoing management, maintenance, patchi
 |Provisioning and maintenance of the shared infrastructure, including Shared VPC and Shared (multitenant) GKE clusters.|Cloud Platform Team|Achieved through Landing Zone IaC and pipeline|
 |Provisioning and maintenance of any non-GCP hosting, network and connectivity infrastructure (on-premises and SaaS)|Infastructure Platforms & Networking|As with existing non-GCP hosting and networking infrastructure. Includes things like: on-premises firewalls and Zscaler Internet Access proxies|
 |Provisioning and maintenance of GCP Zscaler tunnels to Zscaler Internet Access (ZIA)|Cloud Platform Team|Including setting up of GCP VPN configuration and VPC routing tables|
-|Provisioning and maintenance of EPAM custom gold OS images|Cloud Platform Team|Using automated Packer pipeline process. Any requests for amendments to existing images, or for new images (e.g. for new operating systems) should be issued to the Cloud Platform Team. Note that maintaining the latest version of existing images is considered BAU activity.|
+|Provisioning and maintenance of some-org custom gold OS images|Cloud Platform Team|Using automated Packer pipeline process. Any requests for amendments to existing images, or for new images (e.g. for new operating systems) should be issued to the Cloud Platform Team. Note that maintaining the latest version of existing images is considered BAU activity.|
 |Provisioning of sandbox projects for individuals|Cloud Platform Team|Accomplished through the Tenant Factory.  Delivers a project used by individuals for familiarisation, learning, experimentation, and PoC work.|
 |Requesting a tenancy|Tenant|Through tenant request process.|
 |Provisioning of _default_ IAM groups for the new tenant|Cloud Platform Team|The Cloud Platform Team completes an automated request to the Google Workspace Team, which results in the creatin of groups.|

Diff for: content/epam-lz/onboarding/getting-started.md renamed to content/lz/onboarding/getting-started.md

@@ -26,8 +26,8 @@ We offer two different flavours of sandbox environment:
 
 |Type|Purpose|Name|
 |----|-------|----|
-|Individual|Allows individual users to: become familiar with GCP; learn and experiment; develop; test ideas.|epam-ecp-sandbox-{firstname-lastname} 
-|Tenant|Allows tenants (typically collections of multiple users) to: conduct early PoC work with their applications; develop; experiment; to develop infrastructure-as-code; with relatively unrestricted ability to deploy resources with the Google console.|epam-ecp-sandbox-{tenant}-{project_name}|
+|Individual|Allows individual users to: become familiar with GCP; learn and experiment; develop; test ideas.|some-org-ecp-sandbox-{firstname-lastname} 
+|Tenant|Allows tenants (typically collections of multiple users) to: conduct early PoC work with their applications; develop; experiment; to develop infrastructure-as-code; with relatively unrestricted ability to deploy resources with the Google console.|some-org-ecp-sandbox-{tenant}-{project_name}|
 
 ## Considerations
 

Diff for: content/epam-lz/onboarding/monitoring.md renamed to content/lz/onboarding/monitoring.md

@@ -73,17 +73,17 @@ graph LR
 Projects will be named according to the following naming standard:
 
 ```text
-epam-ecp-{tier}-{tenant}-{project_name}
+some-org-ecp-{tier}-{tenant}-{project_name}
 ```
 
 `{tier}` is one of `prod`, `flex`, or `sbox`.
 
 As an example, your initial project name might look like this:
 
 ```text
-epam-ecp-prod-pdp-app_foo
-epam-ecp-sbox-selling-app_bar
-epam-ecp-flex-ordering-sterling_1
+some-org-ecp-prod-pdp-app_foo
+some-org-ecp-sbox-selling-app_bar
+some-org-ecp-flex-ordering-sterling_1
 ```
 
 ## Default Tenant Groups
@@ -92,11 +92,11 @@ New tenants will be given a *default set of groups*, with appropriate roles for
 
 | Group Name | Access to |
 |------------|-----------|
-|_gcp-epam-ecp-<tenant>-admin|Admin access for all projects in your tenancy|
-|_gcp-epam-ecp-prod-<tenant>-viewer|View access for your Prod tenant hierarchy|
-|_gcp-epam-ecp-flex-<tenant>-viewer|View access for your Non-Prod (Flex) tenant hierarchy|
-|_gcp-epam-ecp-prod-<tenant>-support|Support access (including logging and monitoring access) for your Prod tenant hierarchy|
-|_gcp-epam-ecp-flex-<tenant>-support|Support access (including logging and monitoring access) for your Non-Prod (Flex) tenant hierarchy|
+|_gcp-some-org-ecp-<tenant>-admin|Admin access for all projects in your tenancy|
+|_gcp-some-org-ecp-prod-<tenant>-viewer|View access for your Prod tenant hierarchy|
+|_gcp-some-org-ecp-flex-<tenant>-viewer|View access for your Non-Prod (Flex) tenant hierarchy|
+|_gcp-some-org-ecp-prod-<tenant>-support|Support access (including logging and monitoring access) for your Prod tenant hierarchy|
+|_gcp-some-org-ecp-flex-<tenant>-support|Support access (including logging and monitoring access) for your Non-Prod (Flex) tenant hierarchy|
 
 ## Service Account
 
@@ -124,7 +124,7 @@ If you intend to store sensitive data on your network and require perimeter cont
 
 ## Your GitLab and Infrastructure Code
 
-As a new tenant, you will need to store your project's code in GitLab. This includes all the IaC you will use to deploy resources into your LZiiB environments.  Within **EPAM's GitLab**, the hiearchy looks like this:
+As a new tenant, you will need to store your project's code in GitLab. This includes all the IaC you will use to deploy resources into your LZiiB environments.  Within **some-org's GitLab**, the hiearchy looks like this:
 
 {{<mermaid align="left">}}
 graph TD
@@ -154,7 +154,7 @@ graph TD
 
 You will need to do the following:
 
-1. Create GitLab user accounts for any users in your team/tenancy that do not yet have a GitLab user account.  (Follow guidance [here](https://epam.engineering/how/setting-up-a-gitlab-account/).)
+1. Create GitLab user accounts for any users in your team/tenancy that do not yet have a GitLab user account.  (Follow guidance [here](https://some-org.engineering/how/setting-up-a-gitlab-account/).)
 1. Decide who will be your GitLab **tenancy subgroup owner(s)**.
 1. Submit a [request](/ecp/onboarding/getting-started/#how-to-raise-a-tenancy-request) to the _LZiiB (GitLab) owners_ to create your tenancy subgroup.  At this time, you will need to inform the _LZiiB owners_ of at least one _tenancy subgroup owner_.
 

Diff for: content/epam-lz/onboarding/patching.md renamed to content/lz/onboarding/patching.md

@@ -8,11 +8,10 @@ weight: 5
 
 - [What is LZiiB?](#what-is-LZiiB)
 - [Motivation for LZiiB](#motivation-for-LZiiB)
-- [Useful Links](#useful-links)
 
 ## What is LZiiB
 
-LZiiB is our reusable **EPAM Landing Zone-in-a-Box**.  It is a GCP-based platform, intended for the hosting of cloud-native applications, off-the-shelf products, packages, and as a migration target for existing VM-based on-prem workloads. These workloads can be Internet-facing, internally-facing, or both.
+LZiiB is our reusable **some-org Landing Zone-in-a-Box**.  It is a GCP-based platform, intended for the hosting of cloud-native applications, off-the-shelf products, packages, and as a migration target for existing VM-based on-prem workloads. These workloads can be Internet-facing, internally-facing, or both.
 
 ## Motivation for LZiiB
 
@@ -31,7 +30,7 @@ Google Cloud Platform offers hundreds of services.  There are a staggering numbe
 LZiiB wraps these standard Google Cloud services with:
 
 - A **landing zone** and **(Google) project factory**, providing a repeatable and consistent way to deploy cloud services, using standardised tools, monitoring, preferred patterns, and repeatable infrastructure-as-code.
-- Default **security policies**, to meet the enterprise needs of EPAM.
+- Default **security policies**, to meet the enterprise needs of some-org.
 - **Enforced use of automation**, to prevent configuration drift and inconsistency, and to ensure agility.
 - Private, SLA-backed high bandwidth, low latency **connectivity** to on-premises data centre networks, for use cases that need it.  (E.g. for routine high volume data transfer.) 
 - **Identity and access management** that is integrated with our existing on-prem master identity provider, Active Directory.
@@ -40,8 +39,3 @@ LZiiB wraps these standard Google Cloud services with:
 - A standardised, centralised approach to **operational support**.
 - Policy-enforced standardised **CIS-compliant operating system images**.
 - Standardised automation to create **single-tenant and multi-tenant Kubernetes** environments, for workloads and packages that can run in containers.
-
-## Useful Links
-
-- [LZiiB Overview](https://docs.google.com/presentation/d/1HOUBPD_6JQYMeknhn6aEf_4BhGBF8qNTw5lMlckiA8I)
-- [LZiiB Evolution Project - Overview and Familiarisation](https://docs.google.com/presentation/d/1XZgoScNIjp_BL_j5Ku_1M0lerC_J8arsMLpNFeggPrg)

Diff for: content/epam-lz/onboarding/responsibilities.md renamed to content/lz/onboarding/responsibilities.md

@@ -143,6 +143,6 @@ TBC.
 - [Architecting for DR in Google Cloud](https://cloud.google.com/architecture/disaster-recovery)
 - [Google Cloud DR Building Blocks](https://cloud.google.com/architecture/dr-scenarios-building-blocks)
 - [DR Scenarios for Data on Google Cloud](https://cloud.google.com/architecture/dr-scenarios-building-blocks)
-- [EPAM Availability Tiers - including RTOs and RPOs](https://docs.google.com/presentation/d/1HeJWoiUBGvVUYvidfhjPPELUcIkefG1aXZVkmuDShGc/edit#slide=id.g176b3abaab_4_22)
+- [some-org Availability Tiers - including RTOs and RPOs](https://docs.google.com/presentation/d/1HeJWoiUBGvVUYvidfhjPPELUcIkefG1aXZVkmuDShGc/edit#slide=id.g176b3abaab_4_22)
 
 

Diff for: content/epam-lz/onboarding/sandbox.md renamed to content/lz/onboarding/sandbox.md

@@ -28,7 +28,7 @@ params:
   editURL: "https://gitlab.com/demo-lz-docs/lz-cloud-team-portal/tree/master/content/"
   commitURL: "https://gitlab.com/demo-lz-docs/lz-cloud-team-portal/onboarding/commit/"
   author: "Darren Lester"
-  description: "Documentation for the EPAM LZ-in-a-Box Demo Docs"
+  description: "Documentation for the some-org LZ-in-a-Box Demo Docs"
   showVisitedLinks: true
   disableSearch: false
   # Javascript and CSS cache are automatically busted when new version of site is generated. 

Diff for: content/epam-lz/onboarding/your-tenancy.md renamed to content/lz/onboarding/your-tenancy.md

@@ -8,7 +8,7 @@
 
     // Cookie code hacked from: https://www.thesitewizard.com/javascripts/cookies.shtml
 
-    var style_cookie_name = "epam_docs_style";
+    var style_cookie_name = "some-org_docs_style";
     var style_cookie_duration = 3600;
     // {{ $url := urls.Parse .Site.BaseURL }}
     // var style_domain = "{{ $url.Hostname }}";

Diff for: content/epam-lz/overview.md renamed to content/lz/overview.md

@@ -8,7 +8,7 @@
 
     // Cookie code hacked from: https://www.thesitewizard.com/javascripts/cookies.shtml
 
-    var style_cookie_name = "epam_docs_style";
+    var style_cookie_name = "some-org_docs_style";
     var style_cookie_duration = 3600;
     // {{ $url := urls.Parse .Site.BaseURL }}
     // var style_domain = "{{ $url.Hostname }}";