Skip to content

Create AWS Secrets to Store Database Port Configuration#66504

Merged
sureshc merged 1 commit into
stagingfrom
infrastructure/create-aws-secrets-to-store-db-port-config
Jun 13, 2025
Merged

Create AWS Secrets to Store Database Port Configuration#66504
sureshc merged 1 commit into
stagingfrom
infrastructure/create-aws-secrets-to-store-db-port-config

Conversation

@sureshc

@sureshc sureshc commented Jun 13, 2025
edited
Loading

Copy link
Copy Markdown
Contributor

Needs to be deployed to all Stacks that use an Aurora / RDS cluster ahead of merging #66503

Links

  • Jira:

Testing story

code-dot-org $ bundle exec rake adhoc:validate RAILS_ENV=adhoc DATABASE=1 STACK_NAME=adhoc-secrets-for-db-port-config
Finished adhoc:environment (less than a minute)
Pending create for stack `adhoc-secrets-for-db-port-config`:
Add Aurora0 [AWS::RDS::DBInstance]
Add Aurora1 [AWS::RDS::DBInstance]
Add Aurora3ClusterDBParameters [AWS::RDS::DBClusterParameterGroup]
Add AuroraCluster [AWS::RDS::DBCluster]
Add BrowserEventLogsStream [AWS::Logs::LogStream]
Add BrowserEventLogs [AWS::Logs::LogGroup]
Add CDOPolicy [AWS::IAM::ManagedPolicy]
Add ChefConfig [AWS::SecretsManager::Secret]
Add DBClusterIDConfig [AWS::SecretsManager::Secret]
Add DBProxyReaderEndpointConfig [AWS::SecretsManager::Secret]
Add DBProxyReaderEndpointPortConfig [AWS::SecretsManager::Secret]
Add DBProxyReportingEndpointConfig [AWS::SecretsManager::Secret]
Add DBProxyReportingEndpointPortConfig [AWS::SecretsManager::Secret]
Add DBProxyRole [AWS::IAM::Role]
Add DBProxyTargetGroup [AWS::RDS::DBProxyTargetGroup]
Add DBProxyWriterEndpointConfig [AWS::SecretsManager::Secret]
Add DBProxyWriterEndpointPortConfig [AWS::SecretsManager::Secret]
Add DBProxy [AWS::RDS::DBProxy]
Add DBWriterEndpointConfig [AWS::SecretsManager::Secret]
Add DBWriterEndpointPortConfig [AWS::SecretsManager::Secret]
Add DaemonInstanceProfile [AWS::IAM::InstanceProfile]
Add DaemonRole [AWS::IAM::Role]
Add DashboardDNS [AWS::Route53::RecordSetGroup]
Add DatabaseSecretAdmin [AWS::SecretsManager::Secret]
Add DatabaseSecretReader [AWS::SecretsManager::Secret]
Add DatabaseSecretWriter [AWS::SecretsManager::Secret]
Add HourOfCodeCertificate [AWS::CertificateManager::Certificate]
Add PegasusDNS [AWS::Route53::RecordSetGroup]
Add ReaderDBProxyEndpoint [AWS::RDS::DBProxyEndpoint]
Add ReaderSQLUser [Custom::SQLUser]
Add ReportingDBDomainName [AWS::Route53::RecordSetGroup]
Add ReportingDBProxyEndpoint [AWS::RDS::DBProxyEndpoint]
Add ReportingDBProxyTargetGroup [AWS::RDS::DBProxyTargetGroup]
Add ReportingDBProxy [AWS::RDS::DBProxy]
Add WebServer [AWS::EC2::Instance]
Add WriterSQLUser [Custom::SQLUser]
Finished adhoc:validate (less than a minute)

Deployment strategy

Follow-up work

Privacy

Security

Caching

PR Checklist:

  • Tests provide adequate coverage
  • Privacy and Security impacts have been assessed
  • Code is well-commented
  • New features are translatable or updates will not break translations
  • Relevant documentation has been added or updated
  • User impact is well-understood and desirable
  • Pull Request is labeled appropriately
  • Follow-up work items (including potential tech debt) are tracked and linked

@sureshc
Create the Stack-specific Secrets that store database port configurat…
d51e301 
…ion settings ahead of a Pull Request that uses them.
@sureshc sureshc marked this pull request as ready for review June 13, 2025 00:09
@sureshc sureshc requested a review from a team as a code owner June 13, 2025 00:09
@sureshc sureshc merged commit 119df3a into staging Jun 13, 2025
4 of 6 checks passed
@sureshc sureshc deleted the infrastructure/create-aws-secrets-to-store-db-port-config branch June 13, 2025 00:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@wilkie wilkie wilkie approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@sureshc @wilkie