Commit 443e2f

2026-03-13 04:05:02 Claude (Dev): [mcp] Update prerequisites — AWS, Pulumi, DNS, repo all set up
tasks/prerequisites.md ..
@@ 4,17 4,17 @@
## AWS
- - [x] Dev account (or sub-account) provisioned
- - [x] IAM credentials with sufficient permissions for Pulumi (VPC, Lambda, EFS, DynamoDB, API Gateway, S3, CloudFront, Route 53, ACM, CloudWatch, WAF, Budgets)
- - [ ] Credentials available as environment variables or AWS profile
- - [ ] Budget alarm threshold: $50/mo for dev
- - [ ] Region decided (suggested: us-east-1 for cheapest Lambda + API Gateway)
+ - [x] IAM user `wikibot-admin` with `AdministratorAccess` + `WikibotPermissionsBoundary`
+ - [x] Permissions boundary denies: EC2/RDS/Redshift/SageMaker/EKS/ECS/ElastiCache instances, IAM user/key creation, organizations access, non-us-east-1 regional services
+ - [x] API keys in `~/.aws/credentials` under `[wikibot]` profile
+ - [x] Region: us-east-1
+ - [x] Budget alarm: $50/mo
+ - [x] Pulumi state bucket: `s3://wikibot-pulumi-state` (versioning enabled)
## Pulumi
- - [ ] Pulumi account created (or self-managed state backend chosen)
- - [ ] `pulumi` CLI installed
- - [ ] State backend configured (Pulumi Cloud free tier, or S3 bucket)
+ - [x] `pulumi` CLI installed (`brew install pulumi`)
+ - [x] State backend: `pulumi login s3://wikibot-pulumi-state`
## WorkOS
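Review bot: The `wikibot-admin` line pairs `AdministratorAccess` with a permissions boundary that is described only as a deny list, so every service not named in it stays fully allowed. That is wider than the service list in the removed line (VPC, Lambda, EFS, DynamoDB, API Gateway, S3, CloudFront, Route 53, ACM, CloudWatch, WAF, Budgets). Consider writing the boundary as an allow list of those services, and state whether it also blocks IAM role and policy changes and removal of the boundary itself, since the line only mentions user and key creation. The `[wikibot]` profile line records long-lived keys in `~/.aws/credentials`; add a rotation note or a short-lived alternative. For `s3://wikibot-pulumi-state`, versioning is recorded but encryption and public-access blocking are not. The removed "Dev account (or sub-account) provisioned" item has no replacement, so the checklist no longer says whether this is a dedicated account.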
@@ 26,12 26,13 @@
## DNS
- - [ ] `wikibot.io` domain registered (or dev subdomain chosen)
- - [ ] DNS hosted in Route 53 (or delegation configured)
+ - [x] `wikibot.io` domain registered
+ - [x] Route 53 hosted zone: `Z00731461A60YEWXMD1ZE`
+ - [x] Spaceship nameservers delegated to Route 53
## Repositories
- - [ ] `wikibot-io` private repo created (GitHub)
+ - [x] `wikibot-io` private repo created (GitHub)
- [ ] Agent has push access (SSH key or token)
## Local Dev Environment
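Review bot: The `Route 53 hosted zone` line hard-codes the zone ID in the checklist, which creates a second source of truth next to whatever the Pulumi program uses; consider recording that the zone is looked up by domain name, or pointing to the stack config key that holds the ID. The `Spaceship nameservers delegated to Route 53` item is ticked without saying how it was verified, so a short note on the check that was run (for example an NS lookup against `wikibot.io`) would make it auditable. The still-open `Agent has push access (SSH key or token)` item in the context below would benefit from saying that the credential should be scoped to this one repo.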
@@ 48,4 49,4 @@
- [ ] packnplay configured (`packnplay configure` — enable git, ssh, gh, aws credentials)
- [ ] Dev wiki MCP accessible from container — configure MCP endpoint as `http://host.docker.internal:8190/mcp` (not `localhost`) since container `localhost` is the container itself
- [ ] Verify: `packnplay run --aws-creds claude` launches and can reach the wiki MCP
- - [ ] Agent launch command documented: `packnplay run --aws-creds --worktree=<phase> claude --dangerously-skip-permissions`
+ - [ ] Agent launch command documented: `packnplay run --aws-creds --worktree=<phase> claude --dangerously-skip-permissions`
\ No newline at end of file
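Review bot: The removed and added `Agent launch command documented` lines are textually identical, and the `\ No newline at end of file` marker follows only the added line, so the only effect here is dropping the trailing newline; restore the newline so this hunk disappears from the diff. Separately, the documented command combines `--aws-creds` with `--dangerously-skip-permissions`, which hands AWS credentials to an agent run with permission checks skipped. The checklist should say which profile or credentials `--aws-creds` forwards and whether they are narrower than the admin profile set up under the AWS section.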