Set correct email address for ORCA DLQ subscription

NASA-IMPACT · Oct 19, 2023 · f4c3ada · f4c3ada
1 parent 11ced88
commit f4c3ada
Show file tree

Hide file tree

Showing 3 changed files with 20 additions and 25 deletions.
diff --git a/app/stacks/cumulus/ssm_parameters.tf b/app/stacks/cumulus/ssm_parameters.tf
@@ -54,6 +54,25 @@ data "aws_ssm_parameter" "csdap_client_password" {
   name = "/shared/cumulus/csdap-client-password"
 }
 
+# ORCA Bucket Access
+#
+# Currently, the buckets must be setup in the Disaster Recovery (DR) AWS
+# accounts.  There are only DR AWS accounts for CBA UAT and CBA PROD.
+#
+# Unfortunately, this parameter must be refreshed every time these keys expire.
+# To refresh, do the following:
+#
+# 1. Make new long-term access keys
+# 2. For each environment, run the following
+#
+#    DOTENV=<.env file for UAT or Prod> make bash
+#    aws ssm put-parameter --name ACCESS_NAME --overwrite --value NEW_ACCESS_KEY
+#    aws ssm put-parameter --name SECRET_NAME --overwrite --value NEW_SECRET_KEY
+#
+# where ACCESS_NAME and SECRET_NAME are the `name` values in the respective
+# SSM parameters below, and NEW_ACCESS_KEY and NEW_SECRET_KEY are the new
+# values, respectively.
+
 data "aws_ssm_parameter" "orca_s3_access_key" {
   name = "/shared/cumulus/orca/dr/s3-access-key"
 }
@@ -92,28 +111,6 @@ data "aws_ssm_parameter" "metrics_aws_account_id" {
   name = "/shared/cumulus/metrics-aws-account-id"
 }
 
-# ORCA Bucket Access - Note: As of now, the Buckets must be setup on the DR AWS accounts
-# There are only DR AWS accounts for CBA UAT and CBA PROD
-#
-# Unfortunately, This parameter must be refreshed everytime these keys expire.
-# To refresh, do the following
-# (1) Make new keys
-# (2) For each environment, run the following commands
-# (2a) make bash
-# (2b) aws ssm put-parameter --type SecureString --name NAME --overwrite --value VALUE
-#
-# Note, for setting the FIRST time, the command is slightly different (no --overwrite)
-# # aws ssm put-parameter --type SecureString --name NAME --value VALUE
-# TODO - add some of the above stuff to the proper documentation
-
-#data "aws_ssm_parameter" "orca_s3_access_key" {
-#  name = "/shared/cumulus/orca/dr/s3-access-key"
-#}
-
-#data "aws_ssm_parameter" "orca_s3_secret_key" {
-#  name = "/shared/cumulus/orca/dr/s3-secret-key"
-#}
-
 # <% end %>
 
 #-------------------------------------------------------------------------------

diff --git a/app/stacks/cumulus/tfvars/base.tfvars b/app/stacks/cumulus/tfvars/base.tfvars
@@ -15,7 +15,7 @@
 #<% depends_on("rds-cluster") %>
 
 cmr_environment = "UAT"
-orca_dlq_subscription_email = "[email protected]"
+orca_dlq_subscription_email = "[email protected]"
 
 system_bucket = "<%= bucket('internal') %>"
 

diff --git a/app/stacks/cumulus/tfvars/prod.tfvars b/app/stacks/cumulus/tfvars/prod.tfvars
@@ -17,8 +17,6 @@ cumulus_distribution_url = "https://data.csdap.earthdata.nasa.gov/"
 cumulus_distribution_url = "https://data.csda.earthdata.nasa.gov/"
 # <% end %>
 
-#orca_dlq_subscription_email = ""
-
 metrics_es_host = "https://d23fzndssjmbvi.cloudfront.net/"
 
 # <% if in_cba? then %>