Skip to main content
This page describes what to do in case of an Icinga alert. For more information you could search the govuk-puppet repo for the source of the alert
Last updated: 19 May 2022

Check that correct users have access

This alert is triggered by the User Monitor Jenkins job. This task runs a script that verifies only the correct users have access to things like GitHub, Sentry, AWS, Fastly and Pagerduty.

Investigating issues

When the check fails, look at the console logs for the monitor task in the AWS Production Jenkins.

When a new person joins, they are added on GitHub and need to join the GOV.UK team. For GOV.UK tech people, they still have to open a number of PRs to give themselves access elsewhere (ex: in govuk-puppet). If they’re new, they might not have got to that yet so you should check with them before attempting to remove their access.

Resolving issues

The list of users and their privileges which the user monitor task compares with the status quo is maintained in the alphagov/govuk-user-reviewer repository. If you have verified that a user has rightfully been granted access, you can request them or their team lead to adjust the data in the repo accordingly.