CopperPod Onboarding

Prerequisites

• Communications
• Temporary GitHub Access for Ybor Team
• Temporary Azure Access for Ybor Team

Setup and Install

• [BLOCKED] Azure Setup Instructions

---

Prerequisite: Communications

What's your preferred realtime communication platform? Slack? Teams? Other?

• If Slack: can we use "Workspace Connections"
  • Please create "#copperpod-ybor" channel where my team can talk to your team
• If Other: let us know your preferred method to invite us to a non-Email based communication/support channel going forward
• Please invite
  • christian@ybor.ai
  • james@ybor.ai
  • chris@ybor.ai

Prerequisite: Temporary GitHub Access for Ybor Team

Our team will be providing you PRs to spin up your clusters, we will need privilege to the ".platform" repository.

• Please create a Team called “Ybor Support”
• Please invite me (@christiannuss-ybor) to that team
• Please add “Ybor Support” as an Admin to the .platform repository.
  • https://github.com/cpd-ybor/.platform/settinsgs/access

Note: we can remove or reduce our access later.

Prerequisite: Temporary Azure Access for Ybor Team

Our team will need to take a look at your Azure Tenant and Subscriptions to provide hand-crafted setup instructions.

• Please invite me (christian@ybor.ai) as an "External User" to your Entra ID Tenant
  • https://portal.azure.com/#view/Microsoft_AAD_UsersAndTenants/InviteUser.ReactView
• Please create a Group called “Ybor Support”
  • Microsoft Entra roles can be assigned to the group: Yes
  • Roles: Directory Readers
• Please add me (christian@ybor.ai) to the “Ybor Support” group
• For each Subscription you’d like us to use:
  • Please add “Reader” role to the “Ybor Support” group

Note: we may need elevated privileges or reduced privileges as time goes on. We can reduce everything back to the reader role later.

---

Azure Setup Instructions

• Copperpod Action Items
  • GitHub: Install GitHub App
    • Please install the “P6M Ybor” GitHub app to your GitHub Organization
  • Azure: Create and Configure App Registration
    • Entra ID > Manage > App Registrations > New registration
      • Name: Ybor Platform
      • Supported account types: Accounts in any organizational directory
    • Entra ID > App Registration > Ybor Platform
    • Entra ID > App Registrations > Ybor Platform > Certificates & Secrets
      • New Client Secret
    • Entra ID > App Registration > Ybor Platform > API Permissions
      • Add Permission
        • Microsoft Graph > Application Permissions
        • Application > Application.ReadWrite.OwnedBy
      • Click “Grant Admin Consent for …”
  • Azure: Create a Subscription
    • Subscriptions > Add
      • Name: cpd-ybor
      • Billing Account: (set as desired)
      • Plan: Microsoft Azure Plan
    • Subscriptions > cpd-ybor
      • Access Control (IAM) > Add > Role Assignment
        • Role: Privileged administrator roles > Owner
        • Members: User, group, or service principal
          • Select Ybor Platform App
        • Conditions: Allow user to assign all roles (highly privileged)
    • Subscriptions > cpd-ybor
      • Resource Groups > Create
        • Name: cpd-ybor-dev
        • Region: (set as desired)
  • ⚠️ Send to us
    • App Registration
      • Object ID and Client Secret to us
    • Subscription
      • Subscription ID
      • Resource Group Name
      • Azure Region
    • Email a link to “platform@ybor.ai”
      • Use any password sharing methodology you prefer
• Ybor Support Action Items
  • Add GitHub Organization to whitelist
  • Upload Client ID and Secret to Ybor Vault
  • Create Pull Request on “.platform” repository