Remove cloudformation stacks no longer in use (#34)

.github/workflows/pr.yaml

@@ -10,20 +10,6 @@ on:
       - main
 
 jobs:
-  python-lint:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v3
-      - name: Set up Python 3.10
-        uses: actions/setup-python@v4
-        with:
-          python-version: '3.10'
-      - name: Lint
-        run: |
-          make lint
-        env:
-          PYTHONPATH: $(pwd)
-
   cf-lint:
     runs-on: ubuntu-latest
     steps:

Makefile

@@ -6,33 +6,14 @@ requirements:
 
 .PHONY: cf-lint
 cf-lint: requirements
-	cfn-lint ./union-ai-admin/aws/gen/*.yaml
 	cfn-lint ./union-ai-admin/aws/*.yaml
 
-.PHONY: generate
-generate:
-	python union-ai-admin/aws/script/generate.py
-
-.PHONY: lint
-lint: requirements
-	black --check union-ai-admin/aws/script/generate.py
-
 .PHONY: create-stack
-create-stack: requirements lint generate cf-lint
-	aws cloudformation create-stack \
-	  --output text \
-	  --stack-name unionai-provisioner-stack \
-	  --template-body file://./union-ai-admin/aws/unionai-provisioner-role.template.yaml \
-	  --capabilities CAPABILITY_IAM CAPABILITY_NAMED_IAM CAPABILITY_AUTO_EXPAND
-	aws cloudformation create-stack \
-	  --output text \
-	  --stack-name unionai-updater-stack \
-	  --template-body file://./union-ai-admin/aws/unionai-updater-role.template.yaml \
-	  --capabilities CAPABILITY_IAM CAPABILITY_NAMED_IAM CAPABILITY_AUTO_EXPAND
+create-stack: requirements cf-lint
 	aws cloudformation create-stack \
 	  --output text \
-	  --stack-name unionai-support-stack \
-	  --template-body file://./union-ai-admin/aws/unionai-support-role.template.yaml \
+	  --stack-name union-ai-admin \
+	  --template-body file://./union-ai-admin/aws/union-ai-admin.template.yaml \
 	  --capabilities CAPABILITY_IAM CAPABILITY_NAMED_IAM CAPABILITY_AUTO_EXPAND
 
 # RELEASE_TAG=v5.1.1 make release_cloudformation
@@ -45,7 +26,4 @@ release_cloudformation:
 	# Create directory for the new release
 	aws s3api put-object --bucket $(BUCKET_NAME) --key templates/$(RELEASE_TAG)/
 	# Upload the CloudFormation template to the new release directory
-	aws s3 cp ./union-ai-admin/aws/gen/unionai-provisioner-role.template.yaml s3://$(BUCKET_NAME)/templates/$(RELEASE_TAG)/unionai-provisioner-role.template.yaml
-	aws s3 cp ./union-ai-admin/aws/gen/unionai-updater-role.template.yaml s3://$(BUCKET_NAME)/templates/$(RELEASE_TAG)/unionai-updater-role.template.yaml
-	aws s3 cp ./union-ai-admin/aws/gen/unionai-support-role.template.yaml s3://$(BUCKET_NAME)/templates/$(RELEASE_TAG)/unionai-support-role.template.yaml
 	aws s3 cp ./union-ai-admin/aws/union-ai-admin-role.template.yaml s3://$(BUCKET_NAME)/templates/$(RELEASE_TAG)/union-ai-admin-role.template.yaml

union-ai-admin/aws/README.md

@@ -5,68 +5,22 @@
 
 The Union.ai role Stack for AWS gives you a iam role and few policies. Union ai will use these roles for provisioning, management and debugging purpose.
 
-### unionai-provisioner-stack
-CloudFormation template allows customers to create an initial provisioner role for provisioning the UnionAI infrastructure. Once the infrastructure is set up, the user can safely delete this role.
+### unionai-admin-stack
+CloudFormation template allows customers to create role for provisioning and managing the UnionAI infrastructure. 
 
-[![Launch Stack](https://s3.amazonaws.com/cloudformation-examples/cloudformation-launch-stack.png)](https://console.aws.amazon.com/cloudformation/home?region=region#/stacks/new?stackName=unionai-provisioner-stack&templateURL=https://union-public.s3.amazonaws.com/templates/v0.7/unionai-provisioner-role.template.yaml)
+[![Launch Stack](https://s3.amazonaws.com/cloudformation-examples/cloudformation-launch-stack.png)](https://console.aws.amazon.com/cloudformation/home?region=region#/stacks/new?stackName=union-ai-admin&templateURL=https://union-public.s3.amazonaws.com/templates/v0.7/union-ai-admin-role.template.yaml)
 
 #### Resources
-- It will create 3 policies:
-   - `support-policy`: This policy only provides permissions to list, get, and describe permissions.
-   - `updater-policy`: This policy will only provide permissions to modify a few resources, such as node groups, EKS versions, and some EC2 permissions.
-   - `provisioner-policy`: This policy only provides full administration permissions, including creating, deleting, tagging, and untagging resources.
-- It will create an AWS IAM role `unionai-provisioner-role` and attach all 3 policies to it.
+- It will create an AWS IAM role `union-ai-admin` with 1 inline policy attached.
 
 #### AWS CLI Command
 To create the stack, use the following AWS CLI command:
 
 ```bash
 aws cloudformation create-stack \
   --output text \
-  --stack-name unionai-provisioner-stack \
-  --template-url "https://union-public.s3.amazonaws.com/templates/v0.7/unionai-provisioner-role.template.yaml" \
-  --capabilities CAPABILITY_IAM CAPABILITY_NAMED_IAM CAPABILITY_AUTO_EXPAND
-```
-
-### unionai-updater-stack
-CloudFormation template allows customers to create a updater role for managing the UnionAI infrastructure. The updater role provides permissions to modify specific resources and perform management tasks within the infrastructure.
-
-[![Launch Stack](https://s3.amazonaws.com/cloudformation-examples/cloudformation-launch-stack.png)](https://console.aws.amazon.com/cloudformation/home?region=region#/stacks/new?stackName=unionai-provisioner-stack&templateURL=https://union-public.s3.amazonaws.com/templates/v0.7/unionai-updater-role.template.yaml)
-
-#### Resources
-- It will create 2 policies:
-   - `support-policy`: This policy provides permissions to list, get, and describe resources.
-   - `updater-policy`: This policy provides permissions to modify specific resources such as node groups, EKS versions, and certain EC2 permissions.
-- It will create an AWS IAM role `unionai-updater-role` and attach all policies to it.
-
-#### AWS CLI Command
-To create the stack, use the following AWS CLI command:
-
-```bash
-aws cloudformation create-stack \
-  --output text \
-  --stack-name unionai-updater-stack \
-  --template-url "https://union-public.s3.amazonaws.com/templates/v0.7/unionai-updater-role.template.yaml" \
-  --capabilities CAPABILITY_IAM CAPABILITY_NAMED_IAM CAPABILITY_AUTO_EXPAND
-```
-
-### unionai-support-stack:
-CloudFormation template allows customers to create a support role for accessing and viewing resources within the UnionAI infrastructure. The support role provides read-only permissions, allowing users to list, get, and describe resources without the ability to modify or make changes.
-
-[![Launch Stack](https://s3.amazonaws.com/cloudformation-examples/cloudformation-launch-stack.png)](https://console.aws.amazon.com/cloudformation/home?region=region#/stacks/new?stackName=unionai-provisioner-stack&templateURL=https://union-public.s3.amazonaws.com/templates/v0.7/unionai-support-role.template.yaml)
-
-#### Resources
-- It will create a policy named `support-policy` that provides permissions to list, get, and describe resources.
-- It will create an AWS IAM role `unionai-support-role` and attach the `support-policy` to it.
-
-#### AWS CLI Command
-To create the stack, use the following AWS CLI command:
-
-```bash
-aws cloudformation create-stack \
-  --output text \
-  --stack-name unionai-support-stack \
-  --template-url "https://union-public.s3.amazonaws.com/templates/v0.7/unionai-support-role.template.yaml" \
+  --stack-name union-ai-admin \
+  --template-url "https://union-public.s3.amazonaws.com/templates/v0.7/union-ai-admin-role.template.yaml" \
   --capabilities CAPABILITY_IAM CAPABILITY_NAMED_IAM CAPABILITY_AUTO_EXPAND
 ```
 
@@ -78,7 +32,7 @@ To get started with customizing your own stack, or contributing fixes and featur
 make generate
 
 # Run Lint
-make lint
+make cf-lint
 
 # Create new stack
 AWS_PROFILE="some-profile" make create-stack