Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature | Implement CLI pre-check + warnings for SSO and apps-prd layer Changes #264

Open
exequielrafaela opened this issue Apr 30, 2024 · 0 comments
Open

Feature | Implement CLI pre-check + warnings for SSO and apps-prd layer Changes #264

exequielrafaela opened this issue Apr 30, 2024 · 0 comments
Labels
feature patch

Comments

@exequielrafaela
Copy link
Member

exequielrafaela commented Apr 30, 2024
edited
Loading

Describe the Feature:

  1. Add a feature in the leverage CLI that detects when changes are being made to the AWS SSO layer and automatically output a warning message. This warning should remind users to verify the IAM fallback mechanism is in place.
  2. Additionally, implement similar warnings for any changes that could impact the apps-prd account or similar high-impact layers / accounts eg: security-base that could block wrongly configured public buckets.
  3. Consider the specific cae when deploying in a single account project where this account will have both dev and prd envs consolidated in it.

NOTE: For more info and context check https://binbashar.slack.com/archives/GG0PJ78J3/p1713380015074299

Expected Behavior:

When developers or operations teams initiate changes to the AWS SSO layer or related high-impact layers the cli should:

  1. Automatically detect the nature of the change.
  2. Display a clear and concise warning in the CLI output advising to proceed carefully
    1. Suggest verifying configurations that ensure continued access and operational stability.
    2. communicate that the user should ideally check the IAM fallback mechanisms before applying changes in this layer.

Use Case:

This feature is designed to prevent operational disruptions by enhancing user awareness of the need to be extra careful and to have a fallback mechanisms before applying changes that could lock out users or disrupt service continuity.

Describe Ideal Solution:

The ideal solution would integrate with existing CLI operations, using context-aware programming to detect specific changes to the AWS SSO layer or similar critical configurations. Upon detection, the CLI should:

  • Prompt a warning message that is immediately visible in the CLI output.
  • Offer a direct suggestion or reminder to check and verify IAM fallback settings.
  • Provide quick links or commands that help the user confirm or set up the necessary fallback mechanisms.

Alternatives Considered:

  1. Manual reminders or documentation updates to check fallback settings—less effective due to reliance on user compliance and memory.
  2. Pre-change checklists or manual approvals—could slow down operations and still miss specific edge cases without automated detection.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature patch
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@borland667 @exequielrafaela