From 7b5132e51e3cdb601ffb369e22c71c128ea43b42 Mon Sep 17 00:00:00 2001 From: Stephen Grier Date: Wed, 21 Feb 2024 17:01:57 +0000 Subject: [PATCH] Apply suggested changes from code review Add a few changes suggested by @galund following code review. Improve a few image alt texts; remove a duplicated line referring to removing users; and fix some spellings introduced in the last commit. Co-authored-by: George Lund --- source/manuals/working-with-aws-accounts.html.md.erb | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/source/manuals/working-with-aws-accounts.html.md.erb b/source/manuals/working-with-aws-accounts.html.md.erb index 2e198b4b..ec397ae4 100644 --- a/source/manuals/working-with-aws-accounts.html.md.erb +++ b/source/manuals/working-with-aws-accounts.html.md.erb @@ -8,7 +8,7 @@ review_in: 12 months Most teams in GDS use [Amazon Web Services (AWS)](https://aws.amazon.com/) as their infrastructure provider. GDS teams in GOV.UK and DSP manage their own AWS accounts, but users must first sign into a shared base AWS account called `gds-users`. They can then assume roles in their team's AWS account to perform administrative tasks using [AWS's cross-account access pattern](https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html). -Note GOV.UK One Login has its own AWS organisation separate from GDS / Cabinet Office accounts. That is managed by the program and separate guidance applies. +Note that GOV.UK One Login has its own AWS Organization separate from GDS / Cabinet Office accounts. That is managed by the programme, and separate guidance applies. ## Request AWS user access @@ -111,21 +111,21 @@ Once setup is complete users can access AWS using the AWS Console or the command https://gds-users.signin.aws.amazon.com/console
Screenshot of the sign in page - Screenshot of the sign in page + Screenshot showing AWS Sign-in screen. The 'Account ID or alias' box is filled out with 'gds-users'. 'IAM user name' and 'password' boxes are ready to fill out.
  • From the top right dropdown menu, select **Switch Role**
    Screenshot of the switch role menu item - Screenshot of the sign in page + Screenshot of the switch role menu, with 'Switch Role' appearing underneath the 'My Security Credentials' menu item.
  • Complete **Account** with account or account alias and the role you're switching to
    Screenshot of the switch role page - Screenshot of the sign in page + Screenshot of the switch role page with 'Account', 'Role' and 'Display name' boxes ready to fill out.
    • @@ -333,8 +333,6 @@ and ideally conform to the following (except for extenuating circumstances): When your team no longer requires an AWS account, contact Reliability Engineering using the [#Reliability-eng Slack Channel](https://gds.slack.com/messages/CAD6NP598/convo/CAD6NP598-1540294660.000100/). -GDS teams are responsible for managing their own leavers’ process. - ## Remove access to AWS accounts When someone no longer requires access to AWS (for example, because they've left GDS or your team) remove them from the `gds-users` base account using the **Request user removal** section of the: