Child pages
  • Webinar: Code Review of the VPC Provisioning Web and Mobile Web App
Skip to end of metadata
Go to start of metadata

Background

Come take a look both at the process of conducting a code review and at the architecture, frameworks, and components used in building a web and mobile web app. Some folks have requested to see how IT Architecture collaborates together and develops and reviews software engineering projects. To that end we are conducting a reviews and working sessions for several applications as Webinars so other LITS teams can participate and observe.

Date, Time & Registration

The webinar will be held on Monday, December 12 from 10:30 AM to 12:00 PM. To register please visit the registration page.

Details

The VPC Provisioning Administration App is an application for LITS administrators to use in pre-provisioning AWS accounts as well as for customer administrators to use in managing their accounts and VPCs. Early on the team discussed two variants of this application—one for LITS administrators and a separate one for customer administrators. At the time of this writing, however, it appears that all of these functions can be implemented with one app with three roles: Central Administrator, Customer Administrator, and Auditor. The current features are:

  1. Create CIDRs (approved CIDRs are stored in the CIDR service and associated with AWS accounts through CIDR assignments created by the provisioning process or through the use the VPCP app)
  2. Create CidrAssignments to support adding assignments that someone makes outside of the normal provisioning process
  3. Create Emory Elastic IPs (the app places tickets to LITS networking to implement static NAT, tracks the status of these requests, and lists completed request as configured elements of the AWS account)
  4. Create Firewall Rules (the app places tickets to LITS security to implement firewall rules, tracks the status of these requests, and lists completed request as configured elements of the AWS account)
  5. Create AWS Account Metadata (Account owner, purpose, SmartKey, etc.)
  6. Decode NetIDs from the Directory (service) so we'll know more about who the owners are
  7. NetID lookup so users can find NetIDs by name and see confirming information in case they don't have a NetID
  8. Authorization
    1. Emory AWS Admins can see/modify everything (authorization service group/integration)
    2. Emory AWS Auditors can see everything but cannot modify anything (authorization service group/integration)
    3. If a user is an owner or administrator of an AWS account, they can see only those accounts they are associated to and they can see/modify anything about those accounts.  More analysis needed.

The app also provides the following features for managing AWS Account and VPC data as well as deprovisioning:

  1. Manage exchange distribution list membership
  2. Manage IDM role membership (Customer Administrators)
  3. Manage elastic IPs
  4. Update AWS Account metadata
  5. Update VPC metadata
  6. View and manage firewall rules
  7. Delete VPC
  8. Delete AWS Account

The functions presently envisioned for customer administrators are:

  1. View and update appropriate AWS Account metadata
  2. View and update appropriate VPC metadata
  3. Manage elastic IPs
  4. View existing firewall rules and request changes

Screen shots from the VPCP web app (native browser form factor, logged in with admin account):

 

 

Relevant Frameworks

LITS application development groups use the following frameworks for application development <https://wiki.service.emory.edu/x/O43GBQ>. The frameworks relevant to this application are:

  1. Emory GWT
  2. EAI/SOA

 

 

  • No labels