This is the Ministry of Justice (MOJ) Cloud Platform team's repository for public facing documentation, feature work, enhancements, and issues.
The Cloud Platform team utilises GitHub issues to manage their work, and a team ZenHub board to surface GitHub issues into a product management board.
It's best to search our GitHub issues before adding new issues in an effort to reduce duplicates and encourage activity through existing conversations.
This repository has a GitHub action that checks all links in *.md files and creates a GitHub issue if the link returns a non-200 status code. If you have a link that doesn't resolve through the public internet (e.g. 127.0.0.1, localhost, or other internal links), please update the .ignore-links file including the fully-qualified domain name (FQDN).
We have a series of repositories for our work. We have adopted the naming convention of naming each repository starting with cloud-platform-*. Where some repositories have similar purposes, we try to follow a common prefix (e.g. cloud-platform-terraform-* for Terraform modules). We also name things so that users can understand what a repository does through its name.
| Name | Description |
|---|---|
| Cloud Platform (this repository) | Public facing documentation, feature work, enhancements, and issues |
| Cloud Platform environments | User-created environments that are hosted on the Cloud Platform |
| Cloud Platform infrastructure | Core infrastructure for the Cloud Platform |
| Cloud Platform user guide | User-focussed documentation for how to get started and use the Cloud Platform |
| Name | Description |
|---|---|
| Database Migration Service (DMS) | Creates a DMS replication instance to move data from another database to one inside Cloud Platform |
| DynamoDB cluster | Creates a simple (i.e. non-global) DynamoDB cluster |
| ECR credentials | Creates an ECR repository and associated IAM credentials |
| ElastiCache cluster | Creates an ElastiCache cluster |
| ElasticSearch cluster | Creates an ElasticSearch cluster |
| Kubernetes: IAM roles for service accounts (IRSA) | Creates an IAM role for a Kubernetes service account |
| Kubernetes: service account | Creates a Kubernetes service account, role, and rolebinding within a namespace |
| Prometheus Pushgateway | Creates a Prometheus Pushgateway |
| RDS Aurora cluster | Creates an RDS Aurora cluster |
| RDS instance | Creates an RDS instance |
| S3 bucket | Creates an S3 bucket |
| SNS topic | Creates an SNS topic |
| SQS queue | Creates an SQS queue |
| Name | Description |
|---|---|
| Auth0 | Creates the auth0 clients for the Kubernetes server and its components |
| AWS Read-Only - SSO | Allow web console logins using Github credentials via SAML |
| AWS Account Baselines | Holds security and operational baselines implemented in Cloud Platform AWS accounts |
| Bastion | Deploys a bastion instance |
| CertManager | Deploys certmanager for automated TLS certificates |
| Cluster Autoscaler | Deploys Cluster Autoscaler |
| Concourse | Deploys ConcourseCI within a Kubernetes cluster |
| Descheduler | Deploys Descheduler |
| EKS Addons | Deploys Cloud Platform EKS Add ons |
| EFS CSI | Enables AWS EFS (NFS compatible) storage backend for Kubernetes |
| EKS CSI Storage | Enables EKS CSI storage backend for Kubernetes (EBS volumes) |
| External DNS | Deploys external-dns to control DNS records dynamically |
| Global Auth0 | Deploys Auth0 actions globally for auth0 tenant |
| IAM Configuration | Holds Cloud Platform team IAM configuration for AWS Accounts |
| Ingress controller | Deploys an NGINX ingress controller |
| Kuberhealthy | Deploys Kuberhealthy Operator and custom checks |
| Kuberos | Deploys kuberos which enables users to authenticate to the cluster |
| Logging | Deploys standard logging tools such as fluentbit, etc. |
| Monitoring | Deploys standard monitoring tools such as AlertManager, exporters, etc. |
| OPA Deploys OPA and required policies | |
| Starter Pack | Deploys Helloworld and multicontainer app |
| Trivy Operator | Deploys Trivy Operator |
| Velero Deploys velero to manage backup and restore | |
| VPC Flow logs | Enables AWS Flow logs to capture information about the IP traffic going to and from network interfaces in VPC. |
| Name | Description |
|---|---|
| Multi-container app | Reference application for multi-container services |
| Go app | Reference application written in Go |
| Ruby app | Reference application written in Ruby |
| Name | Description |
|---|---|
| Canary | Deploys AWS Synthetics Canary resource |
| Custom error pages | Customised error pages for uncaught routes |
| Environments checker | Detects orphaned namespaces and AWS resources |
| Helm charts | Custom Cloud Platform helm charts |
| Kuberos | A fork of original Kuberos, managed by Cloud Platform |
| Tools image | Docker image containing tools used by pipelines |
It may be useful to look at:
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "github-actions[bot]")
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot]")
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent