Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »

Pre migration:

  1. Get Cogonito user pool configured - to be fully terraformed
    a. password policy: default
    b. lambdas: migrate user trigger & pre token generation trigger
    c. app client for Admins-UI
    d. messaging - FROM email: no-reply@tis.nhs.uk

  2. Get Admins API-Gateway configured - terraformed

  3. Get Admins-UI on CloudFront configured (pipeline should be done on another branch) - in progress

  4. Get revalidation config PR ready and Reval API-Gateway PR ready (ready means approved, or merged and not applied yet) - not yet

  5. Get UserManagement fully tested locally (or on Alpha?)(give errors to admins when user does not exist on Cognito?)
    We do give an error when the user does not exist, but the error is thrown from the backend and it is not shown in a friendly way to users.

Give notice to all users in advance

Mid migration:

  1. Give notice to users to inform the migration start

  2. Restrict access of UserManagement (Modify API-Gateway to only allow some specific get reqeusts? Or remove user permission/roles temporarily? Or remove mapping annotation on the endpoints (POST/DELETE)?)

  3. Switch Admins-UI DNS to use the app on CloudFront (new Admins API-Gateway), mind the TTL

  4. Switch Reval to the new user pool and get Reval API-Gateway configured

  5. Switch UserManagement to Cognito and release the UserManagement to users

Rollback plan:
3. If Admins-UI becomes unaccessible, switch DNS back
4. If Reval becomes unaccessible and cannot get resolved for 1(?) hour, roll back Reval and do 3
5. If UserManagement cannot be setup properly, try to find the issue and fix it within 1-2days?

Post migration (if the migration has done)

Some scenario to resolve:

Given user management has switched to manage Cognito users
When an admin comes to a user details page that hasn't been migrated to Cognito yet
Then should we provide a button for the admin to create this user on Cognito? Or provide an error message for admins?

  • No labels

0 Comments

You are not logged in. Any changes you make will be marked as anonymous. You may want to Log In if you already have an account.