Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Can I delete and re-create the elasticbamboo security group within AWS

Daniel Lawrence2
Daniel Lawrence July 15, 2014

Hello,

Can you please let me know if I am able to delete and recrease the 'elasticbamboo' security group within AWS.
The reason is I wish to manage ALL security groups via Cloudformation and remove security group creation permissions from the bamboo accounts.

The question can be also viewwed as, if I create 'elasticbamboo' security group within AWS before installing bamboo will it break everything?

References: https://confluence.atlassian.com/display/BAMBOO/Elastic+Bamboo+Security

Cheers,

Danny.

Answer
Watch
Like Steffen Opel likes this
401 views

1 answer

1 accepted

1 vote
Answer accepted
Przemek Bruski
Przemek Bruski
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
July 15, 2014

You can delete and recreate it. Note that Bamboo will ensure that it has the correct permissions in that group, so you either have to recreate the permission or leave the permissions for group update for the Bamboo account.

View More Comments
Andrew Khoury
Andrew Khoury July 16, 2014

Sorry for hijacking the question, however I think Daniel's question is missing a few bits:

My understanding is, when you create a SG in AWS using CloudFormation you won't have control over the GroupName, it will be something like "stackname-logicalid-xxxxxxxxxxxx-elasticbamboo-xxxxxxxxxxxx".

How does Bamboo identify the right SG to attach?

  • Does it look for a GroupName of "elasticbamboo" exactly?
  • Does it store the id of the SG it creates?

Is there a way to tell Bamboo to use a different SG from the one it creates?

Is there a way to tell Bamboo to use a more than one SG?

Like
Przemek Bruski
Przemek Bruski
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
July 17, 2014

It has to be called elasticbamboo. There's one more group used by Bamboo - ControlledByBamboo, you can't tell it to use more groups.

Like
Andrew Khoury
Andrew Khoury July 17, 2014

Thanks Przemek, however the solution still isn't clear for me.

So it uses the GroupName exactly, and does not care about the id of the group?

And there's no way to tell Bamboo to use a different group, or a collection of groups?

You say there's a group called ControlledByBamboo however I can't find documentation about it https://confluence.atlassian.com/dosearchsite.action?where=BAMBOO&spaceSearch=true&queryString=ControlledByBamboo

At this stage I'm thinking of modifying the Security Groups attached to the elastic image on boot is probably the best option, would you agree?

I'm thinking something like:
aws ec2 modify-instance-attribute --instance-id i-123 --groups sg-456 sg-789

Like
Przemek Bruski
Przemek Bruski
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
July 20, 2014

Yes, it uses the group name. No, there's no way to use a different group.

ControlledByBamboo is not really meant to be used, so it's not documented.

If instance attr modification works, it sounds like a plan. Bamboo doesn't care about the instance security groups after the launch request is placed.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Bamboo
Bamboo
TAGS
AUG Leaders

Atlassian Community Events

    See all events