Slack Notification Template

Example Slack notification to send to users who plan to use their own AWS S3 buckets, once the V7 setup is complete.

Replace the placeholder names, AD groups, and bucket ARNs before sending.

Message template

@Jeff Eastham — Your V7 setup is complete.

Access control: Raise CIDM to add yourself to AD group v7ws-gene-gred-rp-digipath.

Logon method: After CIDM completion, log on to https://darwin.v7labs.com/ → Use Single Sign-on → gene gred rp digipath → SSO logon details.

Admin access: By default, you are a worker. Ping me after logging in once, and I will make you a workspace Admin.

Data access: Upload from desktop to V7 is disabled. The workspace admin needs to configure the S3 bucket on the Storage tab of V7.

AWS admin: The bucket you are configuring needs a bucket policy. If your bucket is KMS-CMK encrypted, you also need to add the key policy below. Check with V7 on which policy to use if you use an AWS-managed key.

Vendor questions: Via the Slack channel ext-ecdi-v7 on the gRED workspace.

Bucket policy

{
  "Version": "2012-10-17",
  "Id": "V7Access",
  "Statement": [
    {
      "Sid": "DarwinAccess",
      "Effect": "Allow",
      "Principal": {
        "AWS": "arn:aws:iam::258327614892:role/external_s3"
      },
      "Action": ["s3:GetObject", "s3:PutObject"],
      "Resource": "arn:aws:s3:::v7-gene-gred-ace-nlp-prod/*"
    }
  ]
}

Replace arn:aws:s3:::v7-gene-gred-ace-nlp-prod/* with your bucket ARN.

KMS-CMK key policy

{
  "Sid": "Allow access for v7",
  "Effect": "Allow",
  "Principal": {
    "AWS": "arn:aws:iam::258327614892:role/external_s3"
  },
  "Action": [
    "kms:Encrypt",
    "kms:Decrypt",
    "kms:ReEncrypt*",
    "kms:GenerateDataKey*",
    "kms:DescribeKey"
  ],
  "Resource": "*"
}

Next step: Schedule a call with the vendor.

Dataset Registration SSL Certificate Error