Run untrusted pipelines in separate AWS account
Pipelines for CentOS Stream, upstream and ARK should run in a completely separate AWS account. More information for how to request a new AWS account can be found in the IT Guidelines.
AC:
-
AWS account created according to IT Guidelines: RITM0951979, ESSv9 -
infrastructure provisioned -
prepare venv tarball should be stored on gitlab artifacts: pipeline-definition#67 (closed) -
pipeline changed to have no write access to S3 buckets anywhere
Edited by Michael Hofmann