This Document has been moved over to Google Drive
This document outlines the steps to get all the accounts and tools required to develop with Minerva, Waterloo Rocketry’s slackbot.
...
Access to the Development Slack
subject to change - we might create a new Slack workspace that’s under a Waterloo Rocketry email going into the future
The Development Slack is a free Slack workspace that is used to test the development deployment of Minerva. You can join it by either:
...
Note that since the development Slack is on a free plan, messages posted in it effectively have a 90-day retention period. Therefore, only use it for testing minerva Minerva and leave conversations to the main Slack.
...
The Development Google Calendar is the Google Calendar that the development Minerva reads events from and writes events ontointeracts with. You can view it from here.
In order to get edit access to the calendar, which is essential for testing Minerva’s calendar functionality, send a Slack DM to one of the primary contributors to the project, or to the Software Lead.Note to those inviting new users:
Instructions for onboarders
New users should be invited and given the “Make changes to events” permission on the Google Calendar once added. If you do not have “Make changes and manage sharing” permissions for the Google Calendar, and are therefore unable give them edit access, you can use the Development Google Account to give yourself the permissions to do so.
Access to the AWS Console
For making changes to Minerva’s infrastructure and viewing logs you will need access to the AWS console. This console can be accessed here.
Accessing the AWS console requires the creation of a user account to login with. To have a user account created for yourself, send a Slack DM to one of the primary contributors to the project, or to the Software Lead.
Instructions for onboarders
(Optional) Access to the AWS Console
...
Overview
Three IAM user groups currently exist for our AWS account:
AWSAdmin - Only to be given to Software Lead + highly trusted developers. Gives the
AdministratorAccesspermission policy to users, which gives you access over everything (except for billing). This includes the ability to view all the secrets that minerva uses in plain-text. This is also the only role that can create new user accounts.AWSUser - Gives full access to services such as Lambda, EventBridge, API Gateway, S3, and Cloudformation. To be only given to trusted users who actually need direct write access to AWS infrastructure, which is likely no one as changes can be made through the CDK stack in a much more transparent way.
AWSUser_ReadOnly - The default group to assign to new users. Gives read-only access to all the necessary services.
Creating new AWS user accounts
Navigate to the “create user” page in IAM
Enter a user name for the account. Make it something straightforward, like the individual’s WatIAM ID (e.g.
cwijesek)Check the “Provide user access to the AWS Management Console” box, check the “I want to create an IAM user” radio button (we’re not using AWS Identity Center…for now), and click “next”.
Select the User group that you want the user to be a part of. In almost all cases, this is just the
AWSUser_ReadOnlygroup. Click “next”.Verify that all the configurations are correct and if so, click on the “Create user” button.
Send the listed user name and console password to the individual that you are creating the account for. Note that the password provided is temporary and on the user’s first login they will be prompted to change it.
(Optional) Access to the Development Google Account
Access to the Development Google Account is only on a must-need basis. It owns the Development Google Calendar and (eventually) the Development Slack workspace.
Credentials can be obtained by messaging the Software lead and providing a valid use-case. If approved, you will be invited to a private Slack channel that will contain the email and password to the account.
If asked for a verification method (e.g. send my recovery phone/email a verification code), opt to send it to the recovery email.