with the lopopolo IAM user gone, the only ones left were the IAM users in the #artichoke and #hypstatic GitHub organizations used for terraform CI in the project-infrastructure repos. I used the new GitHub Actions OpenID Connect provider to wire up AWS identity federation following this guide – https://scalesec.com/blog/identity-federation-for-github-actions-on-aws/ #security #github #aws #win
I'm not sure how long ago this happened, but I got ownership of the @hyperbola handle on #github to match the npm namespace. Some js libs, old infrastructure for dynamic hyperbola, and #hypstatic live there now. I've added a 'project-infrastructure' repo like in Artichoke which does infra as code for the GitHub organization and #aws setup.
Further #cost optimized my #AWS infra. Saved $3/month by turning off CloudWatch monitoring and making my ASG out of spot instances https://github.com/hyperbola/hyperbola/commit/ffa0e34 #win