Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DR2-1956 ADR for replacing datasync #386

Merged
merged 9 commits into from
Jan 16, 2025
Merged

DR2-1956 ADR for replacing datasync #386

merged 9 commits into from
Jan 16, 2025

Conversation

MancunianSam
Copy link
Contributor

No description provided.

@MancunianSam
DR2-1956 Replace datasync
ed85f54 
There are now 3 PRs with a 0021 ADR. We'll have to change them based on
the order they're merged.
@MancunianSam
Merge branch 'main' into DR2-1956-adr-for-replacing-datasync
70ba6ea
@MancunianSam
Rename to use next id
ff1b14d
@MancunianSam MancunianSam changed the title Dr2 1956 adr for replacing datasync DR2-1956 adr for replacing datasync Jan 13, 2025
@MancunianSam MancunianSam changed the title DR2-1956 adr for replacing datasync DR2-1956 ADR for replacing datasync Jan 13, 2025
techncl
techncl reviewed Jan 15, 2025
View reviewed changes
Copy link
Contributor

@techncl techncl left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 This is very clear. Just some minor comments.

docs/architecture-decision-records/0022-replace-datasync.md Outdated
We will replace the use of AWS DataSync with a mechanism where each Lambda function directly transfers files to Preservica’s S3 bucket. This will involve:

1. **Updating Lambda Roles**:
Each Lambda will continue to use its own IAM role with scoped-down permissions based on its function.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You put here "Each Lambda will continue to use its own IAM role" but previously, you mentioned there were all using a "single IAM role"; should we remove "continue to"?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The single IAM role was for Datasync, not for the lambdas. They each had their own role originally because they didn't need to access Preservica's bucket.

docs/architecture-decision-records/0022-replace-datasync.md Outdated
Each Lambda will continue to use its own IAM role with scoped-down permissions based on its function.

2. **Role Assumption for Cross-Account Access**:
To access Preservica’s bucket, each Lambda will assume a designated IAM role (shared across all Lambdas) that has the necessary `s3:PutObject` permissions on Preservica’s bucket. This role exists solely for the purpose of cross-account transfers.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In some cases in this ADR, "lambda" (by that, I mean the object that is run, not the service) is upper case and sometimes it's lower case.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good point. I've changed all of them to lower case except when they're part of Lambda-to-Preservica, in a title or at the beginning of a sentence.

docs/architecture-decision-records/0022-replace-datasync.md Outdated

### Assumptions
- Preservica’s bucket will continue to allow access via the shared IAM role.
- Lambda execution time and resource limits will not pose a problem for the largest files transferred.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe "for the large files transfers" or "for the larger file transfers"?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

"for the large files transfers" is good.

@techncl
Copy link
Contributor

techncl commented Jan 15, 2025

Also, should the file name of the ADR be a bit more descriptive, e.g. 022-replace-datasync-with-direct-lambda-preservica-transfers.md

techncl
techncl approved these changes Jan 16, 2025
View reviewed changes
Copy link
Contributor

@techncl techncl left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

@MancunianSam MancunianSam merged commit 14169fe into main Jan 16, 2025
1 check passed
@MancunianSam MancunianSam deleted the DR2-1956-adr-for-replacing-datasync branch January 16, 2025 13:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@techncl techncl techncl approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@MancunianSam @techncl