AWS Console Access
New joiners for Cloud platform team will need AWS Console access for most things. IAM resources (users, groups, roles, etc) are managed by terraform so new users are nothing more than new resources in terraform.
Steps to create/delete users
1) Check the user is in the webops GitHub team, which authorizes access to this AWS account.
2) Create a git branch and add (or delete) the user as terraform code. Do not forget to link the user to a group.
terraform plan in
cloud-platform-infrastructure/terraform/cloud-platform-account/ to verify you’re happy with the terraform changes.
4) Create the PR, ask the team to review it, and merge it.
5) Create a release.
7) Create the PR, ask the team to review it, and merge it.
8) Let the apply-cloud-platform pipeline apply the changes.
9) Verify the user is created. (You can use AWS Console for this.)
10) Tell them they can login here: https://aws-login.cloud-platform.service.justice.gov.uk