Merge branch 'main' into 89-add-new-iam-user-here

Author: here

.github/ISSUE_TEMPLATE/blank-issue-template.md

@@ -2,7 +2,7 @@
 name: Blank Issue Template
 about: 'Standard HackforLA issue template '
 title: ''
-labels: 'Complexity: Missing, Feature Missing, role missing, size: missing'
+labels: 'size: missing'
 assignees: ''
 
 ---

.github/ISSUE_TEMPLATE/decision-record.md

@@ -0,0 +1,38 @@
+---
+name: Decision Record
+about: Research, Recommend, Write Decision Record, Get Sign Off, and Create Implementation
+  Issue
+title: 'DR: [NAME OF DECISION RECORD]'
+labels: 'complexity: missing, feature: missing, missing: milestone, role: missing,
+  size: missing'
+assignees: ''
+
+---
+
+### Overview
+We need to document what our [NAME OF DECISION RECORD] requirements are, so that we can [WHY IT NEEDS TO BE DONE, OR WHAT WORK IT ENABLES TO BE DONE]
+
+### Action Items
+- [ ] Research current best practices
+- [ ] Write up a Recommendation
+- [ ] Get approval on recommendation
+- [ ] Write Decision record
+- [ ] Get approval
+- [ ] Add Decision Record to wiki in the appropriate places
+   - [ ] List under "Link to all the decision records" (resource 1.01)
+   - [ ] List under "Records" (resource 1.02)
+- [ ] Create an issue to write code and implement policy
+
+### Resources/Instructions
+- 1.01 https://github.com/hackforla/ops/wiki/Decision-Records
+- 1.02 https://github.com/hackforla/ops/wiki/Decision-Records-on-Solutions-Adopted
+
+Template for decision record
+```
+This is a record in the [Decision Records on Solutions Adopted](https://github.com/hackforla/website/wiki/Decision-Records-on-Solutions-Adopted).
+
+#### Issue 
+#### Problem Statement
+#### Potential Solution
+#### Feasibility Determination
+```

.github/ISSUE_TEMPLATE/pre-work-template-devops-security.md

@@ -2,8 +2,7 @@
 name: Pre-work Template - DevOps-Security
 about: Newly onboarded team members should start by making this issue for themselves
 title: 'Pre-work Checklist: DevOps-Security-Member: [replace brackets with your name]'
-labels: 'Complexity: Prework, Feature: Onboarding/Contributing.md, role missing, size:
-  1pt'
+labels: 'Complexity: Prework, Feature: Onboarding/Contributing.md, size: 1pt'
 assignees: ''
 
 ---
@@ -22,6 +21,8 @@ As a new member on the HfLA devops-security team, fill in the following fields a
 
 - [ ] Before starting to work on the below instructions, make sure to join the #ops Slack Channel. And are a member of `devops-security` repository.
 - [ ] Self-assign this issue (gear in right side panel).
+- [ ] Select a role label (gear in label section on the right). They begin with "role:". This should be what you want to do in the DevOps CoP
+- [ ] Change the issue status to 'in progress' (right side panel).
 - [ ] Add this issue to the Project Board CoP: DevOps: Project Board - under the Projects section (gear in right side panel).
 - [ ] Attend weekly team meeting, Wednesdays 6-8pm PST.
   - [ ] Note: There are no meetings on the 1st Wednesday of every month.
@@ -41,7 +42,7 @@ As a new member on the HfLA devops-security team, fill in the following fields a
 - [ ] Install Terraform locally by following the instructions of the installation guide mentioned in [Installing Terraform](https://github.com/hackforla/devops-security/blob/main/CONTRIBUTING.md#installing-terraform)
 - [ ] Install Terraform Docs locally by following the instructions of the installation guide mentioned in [Installing Terraform docs](https://github.com/hackforla/devops-security/blob/main/CONTRIBUTING.md#installing-terraform-docs)
 - [ ] Complete the instructions in [Clone the repository](https://github.com/hackforla/devops-security/blob/main/CONTRIBUTING.md#clone-the-repository)
-- [ ] Submit a [new request](https://github.com/hackforla/devops-security/issues/new?assignees=&labels=enhancement&projects=&template=request-aws-iam-resources.yml) to create new AWS user account and then self-assign this issue.
+- [ ] Submit a [new request](https://github.com/hackforla/devops-security/issues/new?assignees=&projects=&template=request-aws-iam-resources.yml) to create new AWS user account and then self-assign this issue.
 - [ ] Create a new branch from main by executing the command
 
     ```bash
@@ -53,14 +54,14 @@ As a new member on the HfLA devops-security team, fill in the following fields a
     ```bash
     # Replace USERNAME with your GitHub handle
     module "iam_user_USERNAME" {
-    source = "./modules/aws-users"
+      source = "./modules/aws-users"
 
-    user_name = "USERNAME" # Replace with GitHub handle
-    user_tags = {
-      "Project"      = "devops-security"
-      "Access Level" = "1"
-    }
-    user_groups = ["read-only-group"]
+      user_name = "USERNAME" # Replace with GitHub handle
+      user_tags = {
+        "Project"      = "devops-security"
+        "Access Level" = "1"
+      }
+      user_groups = ["read-only-group"]
     }
 
     ```

.github/ISSUE_TEMPLATE/request-aws-iam-resources.yml

@@ -1,6 +1,6 @@
 name: 'Request AWS IAM user or service account'
 description: 'Issue for requesting IAM accounts'
-labels: ['enhancement']
+labels: ['feature: AWS user request','size: 1pt','role: missing']
 
 body: 
     - type: input

.gitignore

@@ -6,6 +6,7 @@
 
 # Ignore local development variable file
 backend.tfvars
+terraform.tfstate
 
 # Ignore override files
 *.tfoverride
@@ -18,4 +19,7 @@ backend.tfvars
 terraform.rc
 
 # Ignore metadata files
-*.tfstate.lock.info
+*.tfstate.lock.info
+
+# Ignore lock file
+*.terraform.lock.hcl

CONTRIBUTING.md

@@ -8,28 +8,18 @@ Below are guidelines for contributing to the devops-security repository hosted o
 **The team recommends using [VS Code](https://code.visualstudio.com/download) as the preferred text editor for working on code, but feel free to utilize a text editor of your preference.**
 
 **If you have any additional questions about your contribution process, please feel free to reach out to the team in the [#ops](https://hackforla.slack.com/archives/CV7QGL66B) Slack channel.**
-<br><br>
-
-## **Table of Contents**
-- [**How to Contribute to DevOps**](#how-to-contribute-to-devops)
-- [**Table of Contents**](#table-of-contents)
-- [**Setting up the local development environment**](#setting-up-the-local-development-environment)
-    - [**Creating a personal AWS account**](#creating-a-personal-aws-account)
-    - [**Login as root user & setup MFA**](#login-as-root-user-&-setup-mfa)
-    - [**Setting up IAM and AWS CLI**](#setting-up-iam-and-aws-cli)
-        - [**Create an IAM User**](#create-an-iam-user)
-        - [**Create an IAM Group**](#create-an-iam-group)
-        - [**Attach IAM user to IAM group**](#attach-iam-user-to-iam-group)
-        - [**Attach `AdministratorAccess` policy to IAM group**](#attach-administratoraccess-policy-to-iam-group)
-        - [**Generating Access Keys for AWS CLI**](#generating-access-keys-for-aws-cli)
-    - [**Installing Terraform**](#installing-terraform)
-    - [**Creating Backend State**](#creating-backend-state)
-    - [**Installing Terraform docs**](#installing-terraform-docs)
-    - [**Clone (Create) a copy on your computer**](#clone-create-a-copy-on-your-computer)
-    - [**Create a new branch where you will work on your issue**](#create-a-new-branch-where-you-will-work-on-your-issue)
-    - [**Creating Local tfvars file**](#creating-local-tfvars-file)
-    - [**Terraform Setup and Execution Instructions**](#terraform-setup-and-execution-instructions)
-    - [**Submitting changes via git and opening a PR**](#submitting-changes-via-git-and-opening-a-pr)
+
+### Overview
+
+- [Setting up the local development environment](#setting-up-the-local-development-environment)
+  - AWS identity and access management
+  - AWS CLI
+  - Terraform
+- [Submitting changes via git and opening a PR](#submitting-changes-via-git-and-opening-a-pr)
+
+### Table of Contents
+
+A generated table of contents is available on GitHub by [opening the outline icon](https://docs.github.com/en/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax#headings) at the top of the markdown preview window.
 
 ## **Setting up the local development environment**
 The below instructions will walk you through setting up your own AWS account for local development and testing before pushing changes that will effect our infrastructure. 
@@ -44,7 +34,7 @@ If you've already completed these steps or you aren't making Terraform changes,
 - Agree to the AWS Customer Agreement and Service Terms, complete the registration by clicking `"Create Account and Continue"`, verify your phone number via text or call, confirm your email address following the instructions in the confirmation email, and finally sign in to access your new AWS account using your email and password.
 - Follow this [video guide](https://youtu.be/CjKhQoYeR4Q?si=78GhlDLV5zZu8qwh) for deeper explanations.
 
-<sub>[Back to Table of Contents](#table-of-contents)</sub>
+<sub>[Back to Top](#)</sub>
 ***
 
 ### **Login as root user & setup MFA**
@@ -57,7 +47,7 @@ If you've already completed these steps or you aren't making Terraform changes,
 
 **Note:** Select the `us-west-2` region. It's not required for managing IAM resources, as they are global. However, it's advisable since our other resources are in the same region.
 
-<sub>[Back to Table of Contents](#table-of-contents)</sub>
+<sub>[Back to Top](#)</sub>
 ***
 
 ## **Setting up IAM and AWS CLI**
@@ -86,7 +76,7 @@ If you've already completed these steps or you aren't making Terraform changes,
   ```
   **Note:** Password length must be 20 characters
 
-  <sub>[Back to Table of Contents](#table-of-contents)</sub>
+  <sub>[Back to Top](#)</sub>
   ***
 - ### **Create an IAM Group**
 
@@ -95,7 +85,7 @@ If you've already completed these steps or you aren't making Terraform changes,
   ```bash
   aws iam create-group --group-name AdminGroup
   ```
-  <sub>[Back to Table of Contents](#table-of-contents)</sub>
+  <sub>[Back to Top](#)</sub>
   ***
 - ### **Attach IAM user to IAM group**
 
@@ -109,7 +99,7 @@ If you've already completed these steps or you aren't making Terraform changes,
   ```bash
   aws iam add-user-to-group --group-name AdminGroup --user-name octocat
   ```
-  <sub>[Back to Table of Contents](#table-of-contents)</sub>
+  <sub>[Back to Top](#)</sub>
   ***
 - ### **Attach `AdministratorAccess` policy to IAM group**
 
@@ -118,7 +108,7 @@ If you've already completed these steps or you aren't making Terraform changes,
   ```bash
   aws iam attach-group-policy --policy-arn arn:aws:iam::aws:policy/AdministratorAccess --group-name AdminGroup
   ```
-  <sub>[Back to Table of Contents](#table-of-contents)</sub>
+  <sub>[Back to Top](#)</sub>
   ***
 - Log in as the newly created user instead of continuing to log in as the root user.
 - ### **Generating Access Keys for AWS CLI**
@@ -133,13 +123,13 @@ If you've already completed these steps or you aren't making Terraform changes,
     ```bash
     nano access_key.json
     ```
-  <sub>[Back to Table of Contents](#table-of-contents)</sub>
+  <sub>[Back to Top](#)</sub>
   ***
 The below steps must be completed in order to authenticate to AWS locally via the command line interface (CLI):
 - [Install AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html) 
-- [Set up the AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/getting-started-quickstart.html)
+- [Set up the AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/cli-authentication-user.html)
 
-<sub>[Back to Table of Contents](#table-of-contents)</sub>
+<sub>[Back to Top](#)</sub>
 ***
 
 ### **Creating Backend State**
@@ -189,21 +179,21 @@ aws dynamodb create-table \
     --billing-mode PAY_PER_REQUEST
 ```
 
-<sub>[Back to Table of Contents](#table-of-contents)</sub>
+<sub>[Back to Top](#)</sub>
 ***
 
 ### **Installing Terraform**
 
 Use the [Official HashiCorp install instructions](https://developer.hashicorp.com/terraform/install) for installing terraform.
 
-<sub>[Back to Table of Contents](#table-of-contents)</sub>
+<sub>[Back to Top](#)</sub>
 ***
 
 ### **Installing Terraform docs**
 
 Follow the Terraform docs [installation guide](https://terraform-docs.io/user-guide/installation/)
 
-<sub>[Back to Table of Contents](#table-of-contents)</sub>
+<sub>[Back to Top](#)</sub>
 ***
 
 ## **Clone the repository**
@@ -230,7 +220,7 @@ You should now have a new folder in your `hackforla` folder called `devops-secur
 cd devops-security
 ```
 
-<sub>[Back to Table of Contents](#table-of-contents)</sub>
+<sub>[Back to Top](#)</sub>
 ***
 
 ### **Create a new branch where you will work on your issue**
@@ -256,7 +246,7 @@ git checkout -b update-contributing-guide-15
 
 When you've finished working on your issue, follow the steps below to prepare your changes to push to your repository.
 
-<sub>[Back to Table of Contents](#table-of-contents)</sub>
+<sub>[Back to Top](#)</sub>
 ***
 
 ### **Creating Local tfvars file**
@@ -266,14 +256,14 @@ After creating a backend state, create a `backend.tfvars` file in the `terraform
 ```terraform
 bucket         = "USERNAME-hfla-ops-terraform-state"
 key            = "devops-security/terraform.tfstate"
-region         = "us-east-2"
+region         = "us-west-2"
 dynamodb_table = "hfla_ops_terraform_table"
 encrypt        = true
 ```
 
 Remember to match these values to the ones in your backend state (and replace USERNAME with your username)
 
-<sub>[Back to Table of Contents](#table-of-contents)</sub>
+<sub>[Back to Top](#)</sub>
 ***
 
 ### **Terraform Setup and Execution Instructions**
@@ -307,7 +297,7 @@ terraform apply
 terraform destroy
 ```
 
-<sub>[Back to Table of Contents](#table-of-contents)</sub>
+<sub>[Back to Top](#)</sub>
 ***
 
 ### Generate Terraform Docs
@@ -321,7 +311,7 @@ cd terraform # or other directory
 terraform-docs -c .terraform.docs.yml .
 ```
 
-<sub>[Back to Table of Contents](#table-of-contents)</sub>
+<sub>[Back to Top](#)</sub>
 ***
 
 ### **Submitting changes via git and opening a PR**
@@ -346,5 +336,5 @@ git add terraform/aws-users.tf
   ```
 - Lastly open a PR to merge your changes into the `main` branch.
 
-<sub>[Back to Table of Contents](#table-of-contents)</sub>
+<sub>[Back to Top](#)</sub>
 ***

terraform/.terraform.lock.hcl

@@ -11,23 +11,28 @@ Resources created by this code repository.
 | <a name="module_iam_oidc_gha_incubator"></a> [iam\_oidc\_gha\_incubator](#module\_iam\_oidc\_gha\_incubator) | ./modules/aws-gha-oidc-providers | n/a |
 | <a name="module_iam_read_only_group"></a> [iam\_read\_only\_group](#module\_iam\_read\_only\_group) | ./modules/aws-groups | n/a |
 | <a name="module_iam_services_supervisor_group"></a> [iam\_services\_supervisor\_group](#module\_iam\_services\_supervisor\_group) | ./modules/aws-groups | n/a |
+| <a name="module_iam_user_Bwoltz"></a> [iam\_user\_Bwoltz](#module\_iam\_user\_Bwoltz) | ./modules/aws-users | n/a |
 | <a name="module_iam_user_JimmyJuarez10"></a> [iam\_user\_JimmyJuarez10](#module\_iam\_user\_JimmyJuarez10) | ./modules/aws-users | n/a |
 | <a name="module_iam_user_abbyz123"></a> [iam\_user\_abbyz123](#module\_iam\_user\_abbyz123) | ./modules/aws-users | n/a |
 | <a name="module_iam_user_alexe"></a> [iam\_user\_alexe](#module\_iam\_user\_alexe) | ./modules/aws-users | n/a |
 | <a name="module_iam_user_awlFCCamp"></a> [iam\_user\_awlFCCamp](#module\_iam\_user\_awlFCCamp) | ./modules/aws-users | n/a |
+| <a name="module_iam_user_bltomlin"></a> [iam\_user\_bltomlin](#module\_iam\_user\_bltomlin) | ./modules/aws-users | n/a |
 | <a name="module_iam_user_brittanyms"></a> [iam\_user\_brittanyms](#module\_iam\_user\_brittanyms) | ./modules/aws-users | n/a |
 | <a name="module_iam_user_chelseyb"></a> [iam\_user\_chelseyb](#module\_iam\_user\_chelseyb) | ./modules/aws-users | n/a |
 | <a name="module_iam_user_drakeredwind01"></a> [iam\_user\_drakeredwind01](#module\_iam\_user\_drakeredwind01) | ./modules/aws-users | n/a |
 | <a name="module_iam_user_freaky4wrld"></a> [iam\_user\_freaky4wrld](#module\_iam\_user\_freaky4wrld) | ./modules/aws-users | n/a |
 | <a name="module_iam_user_herehfla"></a> [iam\_user\_herehfla](#module\_iam\_user\_herehfla) | ./modules/aws-users | n/a |
+| <a name="module_iam_user_gmgonzal"></a> [iam\_user\_gmgonzal](#module\_iam\_user\_gmgonzal) | ./modules/aws-users | n/a |
 | <a name="module_iam_user_jbubar"></a> [iam\_user\_jbubar](#module\_iam\_user\_jbubar) | ./modules/aws-users | n/a |
 | <a name="module_iam_user_lsousadev"></a> [iam\_user\_lsousadev](#module\_iam\_user\_lsousadev) | ./modules/aws-users | n/a |
 | <a name="module_iam_user_npang4"></a> [iam\_user\_npang4](#module\_iam\_user\_npang4) | ./modules/aws-users | n/a |
+| <a name="module_iam_user_raibarra"></a> [iam\_user\_raibarra](#module\_iam\_user\_raibarra) | ./modules/aws-users | n/a |
 | <a name="module_iam_user_rsakuma"></a> [iam\_user\_rsakuma](#module\_iam\_user\_rsakuma) | ./modules/aws-users | n/a |
 | <a name="module_iam_user_samuelusc"></a> [iam\_user\_samuelusc](#module\_iam\_user\_samuelusc) | ./modules/aws-users | n/a |
 | <a name="module_iam_user_shikha0428"></a> [iam\_user\_shikha0428](#module\_iam\_user\_shikha0428) | ./modules/aws-users | n/a |
 | <a name="module_iam_user_shinjonathan"></a> [iam\_user\_shinjonathan](#module\_iam\_user\_shinjonathan) | ./modules/aws-users | n/a |
 | <a name="module_iam_user_spiteless"></a> [iam\_user\_spiteless](#module\_iam\_user\_spiteless) | ./modules/aws-users | n/a |
+| <a name="module_iam_user_srinipandiyan"></a> [iam\_user\_srinipandiyan](#module\_iam\_user\_srinipandiyan) | ./modules/aws-users | n/a |
 | <a name="module_iam_user_testiamuser"></a> [iam\_user\_testiamuser](#module\_iam\_user\_testiamuser) | ./modules/aws-users | n/a |
 | <a name="module_iam_user_tylerthome"></a> [iam\_user\_tylerthome](#module\_iam\_user\_tylerthome) | ./modules/aws-users | n/a |
 
@@ -51,4 +56,4 @@ Terraform directory structure
 To automatically update this documentation, install terraform-docs on your local machine run the following: 
 `cd <directory of README location to update>`
 `terraform-docs -c .terraform.docs.yml .`
-<!-- END_TF_DOCS -->    
+<!-- END_TF_DOCS -->