Users who can deploy Athena services, infrastructure and manage Athena users.

Access required

  • Platform Owner

Installation steps

  • Obtain user’s SSH public key

  • Put user’s public key in $HOME/git/<owner>/ansible-data-dev/ssh/<username>-<owner>-dev.pub

  • Put user’s public key in $HOME/git/<owner>/ansible-data-<env>/ssh/<username>-<owner>-<env>.pub, for example: user john.smith in environment uat for owner test public key must be in $HOME/git/test/ansible-data-uat/ssh/john.smith-test-uat.pub

  • In AWS account where environment is deployed create AWS user. Provide user with generated Id and Key.

  • In case if Route53 zone is managed in a different AWS account create AWS user also in that particular AWS account. Provide user with generated Id and Key.

  • Open Athena console for <owner> DEV environment, for example (in docker quick-start terminal shell):

athena test dev
  • Create Git user who has access to main DEV environment repository, for example (in the DEV environment Athena console):
athena-users git john.smith john.smith@example.com
  • Open Athena console for <owner> <env> environment, for example (in docker quick-start terminal shell):
athena test uat
  • Create Git user who has access to environment gitolite-admin repository, for example (in the particular environment Athena console):
athena-users git -a RW+ -r gitolite-admin john.smith john.smith@example.com
  • Create Git user who has access to environment platform secrets repository, for example (in the particular environment Athena console):
athena-users git -a RW+ -r ansible-data john.smith john.smith@example.com
  • Create VPN user, for example (in the particular environment Athena console):
athena-users vpn create john.smith john.smith@gmail.com p4$Sw0rd &&
athena-users vpn activate john.smith john.smith@gmail.com 
  • Create WAF user, for example (in the particular environment Athena console):
athena-users waf create john.smith john.smith@gmail.com p4$Sw0rd &&
athena-users waf activate john.smith john.smith@gmail.com 
  • Grant access to platform environment machines, for example (in the particular environment Athena console):
athena-users ssh john.smith Internal && 
athena-users ssh john.smith Bastion && 
athena-users ssh john.smith Backoffice && 
athena-users ssh john.smith Public
  • Provide user with the transcript key located in $HOME/keys/<Owner><KEY>.transcrypt (for example in $HOME/keys/TestUAT.transcrypt)