Remove es (#166)

* Update to use opensearch tenant and OKTA * update codeowners
cloud-gov · Jan 15, 2025 · a3f0af2 · a3f0af2
1 parent 1654b5d
commit a3f0af2
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 10 deletions.
diff --git a/CODEOWNERS b/CODEOWNERS
@@ -1,2 +1 @@
-* @cloud-gov/platform-ops
-* @cloud-gov/pages-ops
+* @cloud-gov/platform-ops @cloud-gov/pages-ops
diff --git a/source/diagrams/10-4.1-customer-data-flow.mmd b/source/diagrams/10-4.1-customer-data-flow.mmd
@@ -20,11 +20,11 @@ graph LR
     subgraph Customer Logs
       Q[AWS Elasticache Redis Queue]
       Logstash[Logstash]
-      ES[Elasticsearch]
-      Kibana[Kibana<br>logs.fr.cloud.gov]
+      OS[Elasticsearch]
+      OpensearchDashboard[Opensearch Dashboard<br>logs.fr.cloud.gov]
     end
     subgraph AWS Brokered Services VPC
-      AWSService("AWS Services e.g.<br>AWS RDS Postgresql, MySQL<br>AWS Elasticache Redis<br>AWS ElasticSearch/OpenSearch")
+      AWSService("AWS Services e.g.<br>AWS RDS Postgresql, MySQL<br>AWS Elasticache Redis<br>AWS OpenSearch")
     end
     subgraph SAML IDP
       SAML{cloud.gov fallback IDP<br>providing MFA}
@@ -62,10 +62,10 @@ graph LR
 
   Loggregator-->Logstash
   Logstash-->Q
-  Q-->ES
+  Q-->OS
   Logstash-->CloudWatch
   Logstash-->S3
-  ES-->Kibana
+  OS-->OpensearchDashboard
 
   Customer--"Web HTTP 80 or HTTPS 443"-->ALB
   Customer--SSH port 2222 using temporary key-->ALB
@@ -77,10 +77,10 @@ graph LR
   ALB --SSH port 2222 using temporary key--> SSHProxy
   ALB --"Web HTTP 80 or HTTPS 443"--> Router
   ALB --API request HTTPS 443--> CloudController
-  ALB -- "Triggered by web request HTTPS 443 only" --> Kibana
+  ALB -- "Triggered by web request HTTPS 443 only" --> OpensearchDashboard
 
   UAA-.Authentication.->CustomerSAML
   UAA-.Authentication.->SAML
   CloudController-.Authorization.->UAA
   SSHProxy-.Authorization.->UAA
-  Kibana-.Authorization.->UAA
+  OpensearchDashboard-.Authorization.->UAA
diff --git a/source/diagrams/10-4.2-jumpbox.mmd b/source/diagrams/10-4.2-jumpbox.mmd
@@ -13,7 +13,7 @@ graph TD
     opsuaaweb["UAA Web UI<br>(presents CLI authentication token)"]
   end
   subgraph GSA Responsibility
-    SAML{"Single Sign-on (SSO)<br>providing MFA<br>SecureAuth"}
+    SAML{"Single Sign-on (SSO)<br>providing MFA<br>GSA Auth (Okta)"}
   end
   subgraph GSA VPN and Internet Egress
     ZScalerDNS("ZScaler DNS")