Discord slash command code to grant AWS access

[vikhyat187]

Date: 19th Oct

Developer Name: Vikhyat

---

Issue Ticket Number

Real-Dev-Squad/todo-action-items#253

Description

This change is for the discord command to grant AWS access to the developers, we can tag the developer and the group we wanted to add the user in.

Documentation Updated?

• Yes
• No

Under Feature Flag

• Yes
• No

Database Changes

• Yes
• No

Breaking Changes

• Yes
• No

Development Tested?

• Yes
• No

Screenshots

Here I've ran the discord command and the user and the AWS group has been specified, it checks if the user is part of the AWS account if not, adds the user to the account and then to the AWS IAM group.

This is the screen which the user will see on trying to access the AWS link and they should reset their password by using the password sent to their email. (Emails are taken from our Firestore db)

Test Coverage

Screenshot 1

Writing the test cases will push the changes in the same PR

## Additional Notes

1. We will have to create the groups in our AWS account and then store those values in our discord service before registering the command.
2. We will have to create IAM access and secret keys and store them in the website backend PR - Added AWS config and identity store website-backend#2208

[prakashchoudhary07]

What is the name here?

[vikhyat187]

in the website backend, we check if the auth token has the name "cloudfare workers" to validate the token coming from right source.

Ref : https://github.com/Real-Dev-Squad/website-backend/blob/f8d76e1936647759ef7fdfd513f7ff03de226346/middlewares/authorizeBot.js#L18

[prakashchoudhary07]

how is a string helping in validating the right source?

[vikhyat187]

So we create a token in the discord slash commands with name present in payload, this is signed by using the private key and in website backend we validate if the same text is being received post validating the token.
@prakashchoudhary07

[prakashchoudhary07]

I think we need to discuss on this one

[vikhyat187]

sure @prakashchoudhary07

[prakashchoudhary07]

Don't we already have this? why write it again?

[vikhyat187]

didn't get this comment, we are using this in similar manner in one of the other API too.

[prakashchoudhary07]

So at every place we are manually signing, So don't already have a common thing to do this, if not then please create one?

[vikhyat187]

Have created a common utility for this.

[prakashchoudhary07]

Can you create the URL in constant it self?

[prakashchoudhary07]

And please share the doc for using it herE?

[vikhyat187]

do we mean it like
const url = ${base_url}/aws-access this way we have it stored?

[vikhyat187]

Didn't get this which doc?

And please share the doc for using it herE?

[prakashchoudhary07]

Please share the AWS API docs like, of what they are doing?

[vikhyat187]

This is our website backend API, will add the comments there.

[vinit717]

Why this command is not under feature flag?

[vikhyat187]

When I discussed with Tejas about feature flag he suggested to have the backend route under ff and since this command can be only used by super user didn't add the ff @vinit717

[vikhyat187]

Hi @vinit717 facing difficulty in local in registering the commands, so not able to validate the feature flag changes, can we move without it?

Sent the response here https://discord.com/channels/673083527624916993/688816539775926272/1305931857631645787

Have added the feature flag, and also fixed the register command which was failing, the reason is mentioned here https://discord.com/channels/673083527624916993/688816539775926272/1306095480836591626

[vinit717]

Please update the description and screenshots first