Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

improve and first of all fix account cleanup #39

Draft
wants to merge 6 commits into
base: master
Choose a base branch
from
Draft

improve and first of all fix account cleanup #39

wants to merge 6 commits into from

Conversation

schnipseljagd
Copy link
Contributor

@schnipseljagd schnipseljagd commented Feb 6, 2023
edited
Loading

  • store vending date
  • add clean up accounts state machine
  • update dependencies
  • replace awsapilib and recover crazy nodejs with pupeteer from before

Open

  • delete accounts with cross account role failures like:
{
  "resourceType": "aws-sdk:organizations",
  "resource": "listAccounts",
  "error": "States.TaskFailed",
  "cause": "The role arn:aws:iam::824014778649:role/AwsOrganizationsVendingMa-CleanUpAccountsRole40F4A-1CRYD1H74Q8DH is not authorized to assume the task state's role, arn:aws:iam::417593336066:role/OVMCrossAccountRole."
}
  • delete accounts which require a password reset

@schnipseljagd schnipseljagd marked this pull request as draft February 6, 2023 16:23
@schnipseljagd schnipseljagd changed the title improve account cleanup improve and first of all fix account cleanup Mar 1, 2023
@schnipseljagd schnipseljagd marked this pull request as ready for review March 1, 2023 12:28
@schnipseljagd schnipseljagd requested a review from bracki March 1, 2023 12:28
@schnipseljagd schnipseljagd force-pushed the improve-account-cleanup branch from 85674fa to e86d889 Compare March 1, 2023 13:10
@schnipseljagd schnipseljagd marked this pull request as draft March 1, 2023 16:30
@schnipseljagd schnipseljagd marked this pull request as ready for review March 3, 2023 10:23
@schnipseljagd
* store vending date to know when vended accounts should be cleaned up.
c26fd0c 
* add clean up accounts state machine
* which first closes up all sub accounts and eventually closes the root account.
* update dependencies
* set vatid for all accounts in the list
* ignore list organizations accounts failures for now, we should try to close the account on cross account role failure
@schnipseljagd schnipseljagd force-pushed the improve-account-cleanup branch from c6ecd1d to c26fd0c Compare March 3, 2023 10:31
@schnipseljagd
handle list accounts errors correctly
205107b
@schnipseljagd
mark already closed accounts as closed
1219f72
@schnipseljagd
fix account_closed and password_reset_required checks
a7acc29 
also:
 * add optional error_message when marking accounts as closed
 * add failure_date when marking accounts as failed
@schnipseljagd schnipseljagd force-pushed the improve-account-cleanup branch from e5000b0 to a7acc29 Compare March 8, 2023 09:46
@schnipseljagd
remove account deletion step function
d68664a 
which was triggered through dynamodb updates.

It was always failing anyways.
@schnipseljagd
wip
d7fac37
@schnipseljagd schnipseljagd marked this pull request as draft March 24, 2023 08:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bracki bracki Awaiting requested review from bracki

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@schnipseljagd