Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Clean up security groups and permissions for extra mounts #246

Merged
merged 1 commit into from
Aug 19, 2024
Merged

Clean up security groups and permissions for extra mounts #246

merged 1 commit into from
Aug 19, 2024

Conversation

cartalla
Copy link
Contributor

Don't add extramount security groups to parallelcluster

Don't add extra mount security groups to create cluster lambda

Add ec2:DeleteTags permission
Add missing fsx permissions.

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

@cartalla cartalla force-pushed the sg_cleanup branch 8 times, most recently from 07314fe to ffaff02 Compare July 31, 2024 06:08
@cartalla cartalla force-pushed the sg_cleanup branch 6 times, most recently from 2d80a97 to 049e2f4 Compare August 19, 2024 15:25
cartalla
cartalla commented Aug 19, 2024
View reviewed changes
docs/config.md Outdated Show resolved Hide resolved
@cartalla cartalla force-pushed the sg_cleanup branch 3 times, most recently from 0a09ebe to e8d3e35 Compare August 19, 2024 18:16
@cartalla
Clean up security groups and permissions for extra mounts
2f72195 
Create a CDK script to automate the creation of security groups for external
login nodes and for external FSx file systems.
Add a parameter, AdditionalSecurityGroupsStackName to get the security
group ids from the created stack and configure the head and compute node
additional security groups.

Update docs.
Update deployment-prerequisites.md.
Add security-groups.md.

Replace RESEnvironmentName parameter with RESStackName.
Get the RESEnvironment from the parameters of the RES stack.

Delete SubmitterInstanceTags parameter because not used anywhere.
Will add a new parameter to use configure/deconfigure external login nodes.

Don't add extramount security groups to parallelcluster.

Don't add extra mount security groups to create cluster lambda

Update permissions to lambda that creates ParallelCluster.
Add ec2:DeleteTags permission
Add missing fsx permissions.

Use cluster-manager instead of vdc-controller to create users/groups json.

Add errors to SNS notification in CreateBuildFiles lambda.

Handle special case where the same cluster name exists in multiple VPCs.
This causes Route53 hosted zones with the same names and the a record
for the head node gets created in the wrong hosted zone.

Make sure to send SNS notification if parallelCluster create or update fails.
@cartalla cartalla merged commit 2d84608 into main Aug 19, 2024
@cartalla cartalla deleted the sg_cleanup branch August 19, 2024 19:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@cartalla