🔍 About
This is a set of instructions to show the setup of the Grassland docker dev container, used to have a unified linux access experience for developers
This document assumes that your user has been added to AWS (via SSO)
Go to the root of this repository
Run make
This builds the docker image & runs it, you will then be logged into the Docker container where the appropriate tools are installed (AWS cli, kubectl etc)
The command make aws-init will:
- create the ~/.aws directory if it does not already exist
- create the ~/.aws/config file if it does not already exist
- append the aws profile [profile grassland] if it does not already exist
**NOTE: The aws profile (i.e. which AWS account you run against, can be changed by setting the environment variable AWS_PROFILE like so: export AWS_PROFILE=grassland
See the Usage Section
The environment is a mix of locally run resources, such as docker containers & remotely (i.e. in AWS) provisioned resources.
In order to prepare the environment a number of tools/utilities are required, such as:
- Create the following directory:
$HOME/.aws - Create a dummy credentials file by running:
touch ~/.aws/credentials - Create AWS config for AWS SSO by running:
cat <<EOF >> ~/.aws/config
[profile grassland]
sso_start_url = https://d-9d672f4202.awsapps.com/start
sso_region = ca-central-1
region = ca-central-1
sso_account_id = 932200675199
sso_role_name = AWSAdministratorAccess
EOFRunning make will verify the aws and env files exist, then build and run the image
# Run Docker build/run and login to the container:
make
# You should see something like the below prompt:
[root@c84a2fca9e06 src]#
In order to make changes within AWS, the console tools must be authenticated.
The authentication token is configured to expire after 12 hours.
A new authentication token can be issued by running the following command:
# Run the single sign on authentication command
aws-sso-util login --force --headlessThe above command will run, but not terminate. This is because it is waiting for the signin process to be completed on the AWS website.
The command will pause after displaying something similar to the following:
Logging in https://d-9067677899.awsapps.com/start/
AWS SSO login required.
Open the following URL in a browser:
https://device.sso.us-east-1.amazonaws.com/
Then enter the code:
VGPP-MCZV
- Copy and Paste the single sign on URI into a browser window
- When prompted by the websidte, provide the 9 character code
- Complete the sign-in process using the aws credentials that allow access to JVZoo resources
- The final step of this process will communicate with the paused console command
When successfully complete, the output should resemble:
...
VGPP-MCZV
Login succeeded, valid until 2021-04-14 19:17 UTC
[root@5737101ab0fa]#
- SAM - AWS Serverless Application Model
- S3 - AWS S3 (Simple Storage Service)
- Lambda - AWS Lambda Functions
- SQS - AWS SQS (Simple Queue Service)
- API gateway - AWS API Gateway
A list of code owners can be found in the CODEOWNERS file.
Details on how to contribute can be found in the CONTRIBUTING file.