From 25ca93ac6b726891daf1d7f59a93d5fa9eee563c Mon Sep 17 00:00:00 2001 From: Mike Bell Date: Mon, 25 Nov 2024 10:15:33 +0000 Subject: [PATCH] docs: Review and update runbooks --- runbooks/source/add-new-opa-policy.html.md.erb | 2 +- runbooks/source/auth0-rotation.html.md.erb | 2 +- runbooks/source/bastion-node.html.md.erb | 2 +- runbooks/source/delete-prometheus-metrics.html.md.erb | 2 +- runbooks/source/delete-state-lock.html.md.erb | 2 +- runbooks/source/disaster-recovery-scenarios.html.md.erb | 4 ++-- runbooks/source/export-elasticsearch-to-csv.html.md.erb | 2 +- runbooks/source/get-audit-log-from-modsec.html.md.erb | 2 +- runbooks/source/resolve-opensearch-no-logs.html.md.erb | 2 +- .../source/resolve-opensearch-shard-issues.html.md.erb | 4 ++-- runbooks/source/upgrade-terraform-version.html.md.erb | 8 ++++---- runbooks/source/upgrade-user-components.html.md.erb | 2 +- 12 files changed, 17 insertions(+), 17 deletions(-) diff --git a/runbooks/source/add-new-opa-policy.html.md.erb b/runbooks/source/add-new-opa-policy.html.md.erb index 8cd36c6b..b9e47058 100644 --- a/runbooks/source/add-new-opa-policy.html.md.erb +++ b/runbooks/source/add-new-opa-policy.html.md.erb @@ -1,7 +1,7 @@ --- title: Add a new OPA policy weight: 9000 -last_reviewed_on: 2024-05-24 +last_reviewed_on: 2024-11-25 review_in: 6 months --- diff --git a/runbooks/source/auth0-rotation.html.md.erb b/runbooks/source/auth0-rotation.html.md.erb index 40976ccd..a6266d35 100644 --- a/runbooks/source/auth0-rotation.html.md.erb +++ b/runbooks/source/auth0-rotation.html.md.erb @@ -1,7 +1,7 @@ --- title: Credentials rotation for auth0 apps weight: 68 -last_reviewed_on: 2024-05-24 +last_reviewed_on: 2024-11-25 review_in: 6 months --- diff --git a/runbooks/source/bastion-node.html.md.erb b/runbooks/source/bastion-node.html.md.erb index 9dd5fd3a..40f48f2e 100644 --- a/runbooks/source/bastion-node.html.md.erb +++ b/runbooks/source/bastion-node.html.md.erb @@ -1,7 +1,7 @@ --- title: Create and access bastion node weight: 97 -last_reviewed_on: 2024-05-24 +last_reviewed_on: 2024-11-25 review_in: 6 months --- diff --git a/runbooks/source/delete-prometheus-metrics.html.md.erb b/runbooks/source/delete-prometheus-metrics.html.md.erb index 8807c51c..ce65bbb8 100644 --- a/runbooks/source/delete-prometheus-metrics.html.md.erb +++ b/runbooks/source/delete-prometheus-metrics.html.md.erb @@ -1,7 +1,7 @@ --- title: Delete Prometheus Metrics weight: 170 -last_reviewed_on: 2024-05-24 +last_reviewed_on: 2024-11-25 review_in: 6 months --- diff --git a/runbooks/source/delete-state-lock.html.md.erb b/runbooks/source/delete-state-lock.html.md.erb index 70684230..680e054b 100644 --- a/runbooks/source/delete-state-lock.html.md.erb +++ b/runbooks/source/delete-state-lock.html.md.erb @@ -1,7 +1,7 @@ --- title: Delete terraform state lock weight: 199 -last_reviewed_on: 2024-05-24 +last_reviewed_on: 2024-11-25 review_in: 6 months --- diff --git a/runbooks/source/disaster-recovery-scenarios.html.md.erb b/runbooks/source/disaster-recovery-scenarios.html.md.erb index d74a3454..aaf401f2 100644 --- a/runbooks/source/disaster-recovery-scenarios.html.md.erb +++ b/runbooks/source/disaster-recovery-scenarios.html.md.erb @@ -1,7 +1,7 @@ --- title: Cloud Platform Disaster Recovery Scenarios weight: 91 -last_reviewed_on: 2024-05-20 +last_reviewed_on: 2024-11-25 review_in: 6 months --- @@ -152,7 +152,7 @@ This way of restoring the whole cluster have been tested with below procedure Any namespaces over 3 hours old can be recovered using Velero (newer namespaces might not have been backed up before the incident occurred). Create the cluster with the **same** name from the [source code](https://github.com/ministryofjustice/cloud-platform-infrastructure/blob/main/create-cluster.rb) -and provide the exisiting `vpc-name`. This will link the velero backup locations to the lost cluster. +and provide the existing `vpc-name`. This will link the velero backup locations to the lost cluster. Find the name of the most recent backup of the `allnamespacebackup` schedule: diff --git a/runbooks/source/export-elasticsearch-to-csv.html.md.erb b/runbooks/source/export-elasticsearch-to-csv.html.md.erb index db88f15e..e35a1daa 100644 --- a/runbooks/source/export-elasticsearch-to-csv.html.md.erb +++ b/runbooks/source/export-elasticsearch-to-csv.html.md.erb @@ -1,7 +1,7 @@ --- title: Export data from AWS Elasticsearch into a CSV file weight: 190 -last_reviewed_on: 2024-05-24 +last_reviewed_on: 2024-11-25 review_in: 6 months --- diff --git a/runbooks/source/get-audit-log-from-modsec.html.md.erb b/runbooks/source/get-audit-log-from-modsec.html.md.erb index 9211340a..6834b8ff 100644 --- a/runbooks/source/get-audit-log-from-modsec.html.md.erb +++ b/runbooks/source/get-audit-log-from-modsec.html.md.erb @@ -1,7 +1,7 @@ --- title: Get an audit log from modsec weight: 8600 -last_reviewed_on: 2024-05-24 +last_reviewed_on: 2024-11-25 review_in: 6 months --- diff --git a/runbooks/source/resolve-opensearch-no-logs.html.md.erb b/runbooks/source/resolve-opensearch-no-logs.html.md.erb index 1713d664..ba4c48c2 100644 --- a/runbooks/source/resolve-opensearch-no-logs.html.md.erb +++ b/runbooks/source/resolve-opensearch-no-logs.html.md.erb @@ -1,7 +1,7 @@ --- title: Resolving no logs in modsec OpenSearch weight: 190 -last_reviewed_on: 2024-05-24 +last_reviewed_on: 2024-11-25 review_in: 6 months --- diff --git a/runbooks/source/resolve-opensearch-shard-issues.html.md.erb b/runbooks/source/resolve-opensearch-shard-issues.html.md.erb index d86fd11f..4da41717 100644 --- a/runbooks/source/resolve-opensearch-shard-issues.html.md.erb +++ b/runbooks/source/resolve-opensearch-shard-issues.html.md.erb @@ -1,7 +1,7 @@ --- title: Resolving OpenSearch shard problems weight: 190 -last_reviewed_on: 2024-05-24 +last_reviewed_on: 2024-11-25 review_in: 6 months --- @@ -52,7 +52,7 @@ kubectl run curl-pod -n --image="alpine/curl" --restart=Never - ## Connecting to the OpenSearch api -Because we have fine-grained access enabled on OpenSearch connection isn't based on ip. It's based on SAML. To link your cli with OpenSearch there is a manual step of adding your aws user arn to the `all_access` OpenSearh role. +Because we have fine-grained access enabled on OpenSearch connection isn't based on ip. It's based on SAML. To link your cli with OpenSearch there is a manual step of adding your aws user arn to the `all_access` OpenSearch role. 1. login to the OpenSearch dashboard using github via saml 1. as a webops team member you have permissions to edit roles so head to Security -> Roles -> `all_access` (see screenshot below) diff --git a/runbooks/source/upgrade-terraform-version.html.md.erb b/runbooks/source/upgrade-terraform-version.html.md.erb index 76887546..d6b60493 100644 --- a/runbooks/source/upgrade-terraform-version.html.md.erb +++ b/runbooks/source/upgrade-terraform-version.html.md.erb @@ -1,7 +1,7 @@ --- title: Upgrade Terraform Version weight: 54 -last_reviewed_on: 2024-05-24 +last_reviewed_on: 2024-11-25 review_in: 6 months --- @@ -126,10 +126,10 @@ Here is a snapshot of how our directory looks but this is likely to change: aws-accounts ├── cloud-platform-aws │ ├── account # AWS Account specific configuration. -│ └── vpc # VPC creation. Workspaces for individual clusters +│ └── vpc # VPC creation. Workspaces for individual clusters │ ├── eks # Holding EKS, workspaces for individual clusters. -│ │ └── components # EKS components. Workspaces for individual clusters -│ └── kops # Holding KOPS, workspaces for individual clusters. +│ │ └── core # EKS core. Workspaces for individual clusters + | └── components # EKS components. ├── cloud-platform-dsd │ └── main.tf ├── cloud-platform-ephemeral-test diff --git a/runbooks/source/upgrade-user-components.html.md.erb b/runbooks/source/upgrade-user-components.html.md.erb index d0e041a4..335538e6 100644 --- a/runbooks/source/upgrade-user-components.html.md.erb +++ b/runbooks/source/upgrade-user-components.html.md.erb @@ -1,7 +1,7 @@ --- title: Upgrade user components weight: 55 -last_reviewed_on: 2024-05-24 +last_reviewed_on: 2024-11-25 review_in: 6 months ---