Onboarding new departments to the platform
Objective
Before a department is able to use the data platform, its details must be configured and setup beforehand by a Data Platform Engineer.
Intended audience
- Data Platform Engineer
Adding a department onto the platform
-
Create a Google group, with the name:
saml-aws-data-platform-collaborator-<department-name>
Note: ensure that your
department-name
is all lowercase with words separated by hyphens.For example, the Housing Repairs Google group name would be:
saml-aws-data-platform-collaborator-housing-repairs
- You can do this by submitting a request to ICT support requesting a Google group.
- Ensure you specify at least one manager for the group you are creating. This person is responsible for adding/removing users to your department
- Enable the collaborative inbox feature on your Google group by following step 2 in this guide. This will allow your group and its members to receive emails from outside the Hackney organisation as you will need to be able to receive AWS email notifications
-
Add the service account email, one can find this here with the department name in the table in the Google sheets ingestion guide.
-
Raise a ticket with dev ops by emailing cloudsupport@hackney.gov.uk asking them to add the group to the SSO import lambda’s google groups. This will allow members of the google group so sign into AWS via Hackney's SSO.
-
Wait for 2 hours for the next AWS sync before moving onto the next step
-
Create a new department using the existing resources as a template
- Specify
google_group_display_name
with the email address of the Google group you created earlier - Specify a unique name for the department, with a maximum of 16 characters
- Specify
-
Submit a pull request on GitHub, and await approval from two other Data Platform Engineer's.
-
Before merging, which will automatically apply the Terraform changes, it is intended that a Data Platform Engineer would first check that the pipeline and all required actions are clear.
-
Once Terraform has applied, an email address will be output, which can be retrieved from either the GitHub Actions output, or from within the GSuite admin portal. This email address can be shared with the department that you are onboarding, which they can then use to ingest data into the platform.