Rotate AWS Keys

Owned by Dwayne Jeng (Unlicensed)
Jun 13, 2023
1 min read

This is the procedure for rotating AWS Keys that the Bridge Server Team uses.

  1. In the AWS Console, create the new AWS Key.

  2. Add the new key to LastPass in the folder Shared-Bridge-Server in the file Bridge IAM Users.

  3. For AWS User BridgeDocsAndRepoBuild, update the keys in the following Travis environments using the environment variables AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY.

    • bridge-base

    • BridgeDocs

    • BridgeJavaSDK

    • BridgeResearcherUI

  4. For AWS User TravisUser, update the following Travis environments using the environment variables AwsTravisAccessKey_prod and AwsTravisSecretAccessKey_prod. (Substitute the stage with _develop and _uat if you are rotating the Bridge-Develop key.)

    • BridgeServer2-infra

    • BridgeWorkerPlatform-infra

  5. TODO BridgeServer2 and BridgeWorkerPlatform

  6. The following repos are rarely built. To save time, we can put off updating the keys until we have changes in these repos. (The AWS keys themselves should still be rotated regardless.)

    • BridgeDataUploadUtils

    • Bridge-Exporter

    • Bridge-Exporter-infra

    • BridgeIntegTestUtils

    • BridgeMasterScheduler

    • BridgeTestUtils

  7. Delete the old keys from IAM and from LastPass.