diff --git a/Makefile b/Makefile index e3b194f84..00104a48c 100644 --- a/Makefile +++ b/Makefile @@ -201,6 +201,9 @@ truststore-build-ca: check-warn ## Build a CA (Certificate Authority) truststore-build-cert: check-warn ## Build a certificate @./scripts/truststore.sh build-cert "$(CA_NAME)" "$(CERT_NAME)" "$(CERT_SUBJECT)" +truststore-pull-all: check-warn ## Pull all certificates + @./scripts/truststore.sh pull-all "$(ENV)" + truststore-pull-server: check-warn ## Pull a server certificate @./scripts/truststore.sh pull-server "$(ENV)" diff --git a/README.md b/README.md index 43a979853..bcaf612e3 100644 --- a/README.md +++ b/README.md @@ -37,6 +37,36 @@ Then install all the dependency packages with: make configure ``` +### Set up AWS CLI access + +There are several ways to set up your AWS CLI access. The recommended way is to use [granted](https://docs.commonfate.io/granted/getting-started). Follow the instructions on their website to install and configure `granted`. + +One of the gotchas with using `granted` is that you need to ensure that you source the environment variables into your shell session. You can do this by running: + +``` +source assume +``` + +Where `` is one of the profiles which should be in your `~/.aws/config`. You can customize the profile names to your liking. + +From here on, you can use the AWS CLI as normal and run commands that need AWS access on that terminal session. + +As a short guideline about profiles to assume for a typical workflow: + +- Assume mgmt account for stack specific terraform deployment as indicated in `terraform/infrastructure/README.md`. +- Assume the specific environment for running feature tests against that environment. + +### Set up NRLF certificates + +In order to execute make commands that need AWS access, you will need to pull the NRLF certificates. +In order to do this, make sure you have AWS CLI installed and configured, then run: + +``` +make ENV=env truststore-pull-all +``` + +Where `env` is one of `dev`, `qa` , `int`, `ref` or `prod`. + ## Getting Started To build packages: