Requesting access to WMF Datalake & Superset SQL lab for Nicholusmuwonge_wmde
Closed, ResolvedPublicRequest
Actions

Assigned To

Authored By

	Nicholusmuwonge_wmde
	Thu, Feb 5, 1:29 PM

Description

Requester provided information and prerequisites

Complete ALL items below as the individual person who is requesting access:

Wikimedia developer account username: nicholusmuwonge
Email address: nicholus.muwonge@wikimedia.de
SSH public key (must be a separate key from Wikimedia cloud SSH access): ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ9qaZVGD+h/aKD+oXIUZAtev1JQvsykTa9y6q6vXN3g nicholus.muwonge@wikimedia.de
Requested group membership: analytics_privatedata_users group membership level 3
Reason for access: i will be accessing data and Hadoop including querying it with Spark/Hive.
Name of approving party (manager for WMF/WMDE staff): Cynthia Makonyango
Ensure you have signed the L3 Wikimedia Server Access Responsibilities document: Yes
Please coordinate obtaining a comment of approval on this task from the approving party.

SRE Clinic Duty Confirmation Checklist for Access Requests

This checklist should be used on all access requests to ensure that all steps are covered, including expansion to existing access. Please double check the step has been completed before checking it off.

This section is to be confirmed and completed by a member of the SRE team.

- User has signed the L3 Acknowledgement of Wikimedia Server Access Responsibilities Document.
- User has a valid NDA on file with WMF legal. (All WMF Staff/Contractor hiring are covered by NDA. Other users can be validated via the NDA tracking sheet)
- User has provided the following: developer account username, email address, and full reasoning for access (including what commands and/or tasks they expect to perform)
- User has provided a public SSH key. This ssh key pair should only be used for WMF cluster access, and not shared with any other service (this includes not sharing with WMCS access, no shared keys.)
- The provided SSH key has been confirmed out of band and is verified not being used in WMCS.
- access request (or expansion) has sign off of WMF sponsor/manager (sponsor for volunteers, manager for wmf staff)
- access request (or expansion) has sign off of group approver indicated by the approval field in data.yaml

For additional details regarding access request requirements, please see https://wikitech.wikimedia.org/wiki/Requesting_shell_access

Details

Related Changes in Gerrit:

	Subject	Repo	Branch	Lines +/-
	Add Nicholus Muwonge to analytics-privatedata-users + krb	operations/puppet	production	+9 -0

Customize query in gerrit

Related Objects

Mentioned In: T416494: Grant Access to ldap/wmde, ldap/nda for Nicholusmuwonge

Event Timeline

Nicholusmuwonge_wmde created this task.Thu, Feb 5, 1:29 PM

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptThu, Feb 5, 1:29 PM

Nicholusmuwonge_wmde updated the task description. (Show Details)Thu, Feb 5, 1:56 PM

Approved from WMDE side

elukey moved this task from Untriaged to In Discussion on the SRE-Access-Requests board.Thu, Feb 5, 2:56 PM

@Nicholusmuwonge_wmde Hi! Could you please sign the https://phabricator.wikimedia.org/L3 document?

Hi @KFrancis, do we need an explicit NDA for this use case? Thanks in advance :)

Hello @Nicholusmuwonge_wmde,
While we’re waiting for the NDA to be signed, could you please read and sign https://phabricator.wikimedia.org/L3 ?
Could I also ask you to provide your developer account username, since it’s missing from the form?
Thank you.

Nicholusmuwonge_wmde updated the task description. (Show Details)Thu, Feb 5, 4:06 PM

In T416592#11587836, @tappof wrote:

Hello @Nicholusmuwonge_wmde,
While we’re waiting for the NDA to be signed, could you please read and sign https://phabricator.wikimedia.org/L3 ?
Could I also ask you to provide your developer account username, since it’s missing from the form?
Thank you.

Hey @tappof , I have updated the username and signed the L3 Acknowledgement of Wikimedia Server Access Responsibilities Document. Thank you.

Hi all, I have sent the NDA out for signatures. I'll confirm when it's complete. Thanks!

tappof moved this task from Awaiting User Input to Manager/NDA Approval/Confirmation on the SRE-Access-Requests board.Fri, Feb 6, 1:20 PM

tappof mentioned this in T416494: Grant Access to ldap/wmde, ldap/nda for Nicholusmuwonge.Fri, Feb 6, 1:37 PM

MatthewVernon updated the task description. (Show Details)Fri, Feb 13, 9:39 AM

Noting here as well that the NDA has been completed.

MatthewVernon updated the task description. (Show Details)Fri, Feb 13, 11:40 AM

MatthewVernon updated the task description. (Show Details)

@Nicholusmuwonge_wmde I've run our validation check, and it tells me that the ssh public key you've provided here is the same as the one you use for WMCS (i.e. Wikimedia Cloud) purposes.

Our policy is that production access must be with a different ssh keypair to cloud access, so can you provide a different public key, please?

MatthewVernon moved this task from Manager/NDA Approval/Confirmation to Awaiting User Input on the SRE-Access-Requests board.Fri, Feb 13, 12:03 PM

MatthewVernon updated the task description. (Show Details)

hey @MatthewVernon, I have update the key. Please review and let me know if all is well

Change #1239351 had a related patch set uploaded (by MVernon; author: MVernon):

[operations/puppet@production] Add Nicholus Muwonge to analytics-privatedata-users + krb

https://gerrit.wikimedia.org/r/1239351

gerritbot added a project: Patch-For-Review.Fri, Feb 13, 2:41 PM

MatthewVernon updated the task description. (Show Details)Fri, Feb 13, 2:41 PM

Change #1239351 merged by MVernon: