The AWS Ops Wheel is a tool that simulates a random selection from a group of participants that weights away from participants recently chosen. For any group, the selection can also be rigged to suggest a particular participant that will be selected in a blatantly obvious (and sometimes hilarious) way. Version 2.0 introduces multi-tenant architecture, advanced user management, and enterprise-grade security features.
Deploy the enhanced multi-tenant version with advanced features:
Option 1: V2 Deployment (Recommended)
./deploy-v2.sh --suffix dev --admin-email [email protected]Option 2: Legacy V1 Deployment
./deploy.sh --email [email protected] --suffix dev| Feature | V1 (Legacy) | V2 (Enhanced) |
|---|---|---|
| Architecture | Single-tenant | Multi-tenant with Wheel Groups |
| User Management | Basic Cognito | Advanced roles & permissions |
| Security | Standard | Fine-grained access control |
| Data Isolation | None | Complete organizational separation |
| Role System | Admin/User | ADMIN, WHEEL_ADMIN, USER, DEPLOYMENT_ADMIN |
The AWS Ops Wheel provides fair random selection with intelligent weighting that reduces the probability of selecting recently chosen participants. This ensures balanced distribution over time while maintaining the element of surprise.
The enhanced weighting system works as follows:
def suggest_participant(wheel):
target_number = len(wheel) * random() # Random number between 0 and total_weight
participant = None
for participant in wheel:
target_number -= participant.weight
if target_number <= 0:
break
return participant
def select_participant(chosen, wheel):
# Redistribute weight from chosen participant to others
if len(wheel) > 1:
weight_slice = chosen.weight / (len(wheel) - 1)
for participant in wheel:
if participant == chosen:
participant.weight = 0 # Chosen participant gets zero weight
else:
participant.weight += weight_slice # Others get increased weightThis algorithm ensures recently chosen participants have lower probability of being selected again, promoting fairness over time.
Notes: Wheel Groups are isolated organizational containers in V2's multi-tenant architecture
- Create a wheel group: Set up a new organization with custom settings, quotas, and branding
- Requires wheel group name and admin user email
- Automatically creates the first admin user for the group
- Configurable resource limits (max wheels, max participants per wheel)
- Custom themes and organizational settings
- Update wheel group settings: Modify quotas, themes, and organizational preferences
- View wheel group statistics: See user count, wheel count, activity metrics, and usage analytics
- Delete wheel group: Permanently remove the entire organization and ALL associated data
- Warning: This is irreversible and deletes all wheels, participants, and users
Notes: Wheels are scoped to their wheel group with advanced multi-tenant features
- Create a new wheel: Set up participant selection groups within your wheel group
- Supports custom names, descriptions, and selection limits
- Configurable participant weight defaults
- Optional wheel templates for consistency
- Edit an existing wheel: Modify settings, appearance, and selection parameters
- Delete a wheel: Remove wheel and all associated participants
- Single Spin: Traditional single participant selection with enhanced animations
- Notes: This does not adjust weighting, so if you're unhappy with the result, you can spin again
- Proceed: Accept the suggested participant(s) and adjust weights accordingly
- Reset: Restart all participants to equal weights as 1.0
Notes: Participants have enhanced profiles and are isolated within wheel groups
- Add participants to a wheel: Create new participants with rich metadata
- Requires name and follow-through URL that opens in a new browser tab when selected
- Participants begin with configurable default weight (typically 1.0)
- Optional email, tags, and custom attributes
- Batch import support via CSV upload
- Edit participant details: Update name, URL, weight, tags, and metadata
- Delete specific participants: Remove individuals from wheels
- Advanced rigging: Configure participants to be selected next
- Doesn't change actual weighting - bypasses selection algorithm temporarily
- After proceeding, weights adjust as if participant was selected normally
- Can be hidden (deceptive) or visible (comical demonstration mode)
- Supports multi-participant rigging for complex scenarios
Notes: Users belong to wheel groups with role-based permissions
- Create users: Add team members to your wheel group with appropriate roles
- Supports ADMIN, WHEEL_ADMIN, and USER roles
- Automatic Cognito user creation with temporary passwords
- Email verification and welcome workflows
- Update user roles: Change permissions within the wheel group
- Delete users: Remove users from both the wheel group and authentication system
- Create users: Create users within the wheel group
Notes: Deployment Admins have cross-group platform oversight
- List all wheel groups: View every organization with statistics and activity metrics
- See user counts, wheel counts, creation dates, and last activity
- System-wide usage analytics and health monitoring
- Delete wheel groups: Permanently remove entire organizations (emergency use)
- Deletes ALL associated wheels, participants, users, and data
- Removes users from both DynamoDB and Cognito
- Complete cleanup with no recovery option
- Warning: This is the most destructive operation in the system
- System monitoring: Platform-wide health checks and performance metrics
Notes: V1 provides single-tenant wheel management
- Create a new wheel: Set up basic participant selection groups
- Edit an existing wheel: Modify wheel settings and appearance
- Delete a wheel: Remove wheel and associated participants
- Spin the wheel: Traditional single participant selection
- Notes: This does not adjust weighting, so if you're unhappy with the result, you can spin again
- Proceed: Accept the suggested participant and adjust weights
- Reset: Restart all participants to equal weights as 1.0
Notes: Participants aren't shared between wheels in V1
- Add a participant to a wheel: Create new participants with basic information
- Requires name and URL that opens in a new browser tab when selected
- Participants begin with weight of 1.0 (average weight for all participants)
- Edit participant's name and/or URL: Update basic participant information
- Delete specific participants: Remove individuals from the wheel
- Rig a specific participant: Configure participant to be selected next
- Doesn't change weighting - bypasses suggestion algorithm until proceeding
- After proceeding, weights adjust as if participant was selected normally
- Can be hidden (deceptive) or non-hidden (comical demonstration)
Notes: V1 uses basic Cognito authentication without multi-tenant features
- Admin user management: Simple user creation through Cognito console
- Password management: Basic password reset and recovery
- Single organization: All users share the same wheel instance
Wheel Groups are isolated organizational containers that provide:
- Data Isolation: Complete separation between organizations
- User Management: Role-based access control within groups
- Multi-Tenant Security: Zero data leakage between groups
- ADMIN: Full wheel group management and user administration
- WHEEL_ADMIN: Wheel and participant management within the group
- USER: Basic wheel operation and viewing permissions
- DEPLOYMENT_ADMIN: Cross-group administrative access for platform management
- Create/Edit/Delete wheels within your wheel group
- Multi-Select Spin: Select multiple participants simultaneously (up to 30)
- Advanced Rigging: Hide or display rigged selections for demonstrations
- Follow-through URLs: Direct links when participants are selected
- Group-Scoped Participants: Complete isolation per wheel group
V1 provides the original single-tenant experience:
- Single Wheel Instance: One wheel per deployment
- Basic Authentication: Simple Cognito user management
- Standard Operations: Create, spin, proceed, reset functionality
- Simple Participant Management: Add/edit/delete with basic weighting
- Node.js 16.x+ (for enhanced UI features)
- Python 3.9+ (for Lambda compatibility)
- AWS CLI 2.x+ with proper permissions
- Dependencies:
# Python packages pip install -r requirements.txt # Node.js packages (for UI development) cd ui-v2 && npm install
- Node.js 6.10+
- Python 3.x
- AWS CLI 1.11+
Create a dedicated IAM user for development:
- Create Custom Policy: Use the policy in
cloudformation/awsopswheel-create-policy.json - Create IAM User: Attach the policy and enable programmatic access
- Configure AWS CLI:
aws configure # Enter your access key, secret key, and preferred region
- CloudFormation: Stack management and nested templates
- Lambda: Serverless compute with layer optimization
- API Gateway: REST API hosting with enhanced security
- DynamoDB: Multi-tenant data storage with isolation
- Cognito: Advanced authentication with custom attributes
- S3: Static hosting and build artifacts
- CloudFront: Global CDN distribution (V2 enhanced deployment)
# Unit Tests
cd api-v2 && python -m pytest tests/ -v
# Integration Tests
# Update Deployment
./deploy-v2.sh --suffix test
cd api-v2/integration-tests
# Setup Test Env
./setup-test-env.sh test
python -m pytest --verbose
# Cross-tenant isolation tests
cd api-v2/integration-tests && python -m pytest tests/test_04_cross_role_scenarios.py# API Tests
cd api && pytest --verbose --cov-report term-missing --cov ./ -s
# UI Tests
cd ui && npm run test# Full deployment with CloudFront
./deploy-v2.sh --suffix dev --admin-email [email protected]
# Multiple environments
./deploy-v2.sh --suffix staging --admin-email [email protected]
./deploy-v2.sh --suffix prod --admin-email [email protected]# Custom configuration
./deploy-v2.sh \
--suffix myteam \
--region us-east-1 \
--admin-email [email protected] \
--admin-username teamadmin
# Quick app updates (no infrastructure changes)
./deploy-v2.sh --quick-update --suffix dev
# Clean removal
./deploy-v2.sh --delete --suffix dev- Modular CloudFormation: Nested stacks for better organization
- Content-Hash Layers: Efficient Lambda layer caching and versioning
- Security Validation: Pre-deployment security checks
- CloudFront Integration: Global CDN deployment with cache invalidation
- Multi-Environment: Support for dev/staging/prod workflows
- Automated Cleanup: Old resources and layer management
Use the launch button above or deploy directly:
aws cloudformation create-stack \
--stack-name AWSOpsWheel \
--template-url https://s3-us-west-2.amazonaws.com/aws-ops-wheel/cloudformation-template.yml \
--parameters ParameterKey=AdminEmail,[email protected] \
--capabilities CAPABILITY_IAM# Traditional deployment
./deploy.sh --email [email protected]
# With custom suffix
./deploy.sh --email [email protected] --suffix dev- Access Application: Use the provided CloudFront URL
- Login as Deployment Admin: Use provided temporary credentials
- Create Wheel Group: Set up your organization with custom settings
- Creare Users: Add team members with appropriate roles
- Create Wheels: Set up your selection wheels with templates
- Access Application: Use the provided endpoint
- Login: Use Cognito credentials from email
- Create Wheels: Set up participant groups
- Start Spinning: Begin fair selection process
Use the utility script for V1 deployments:
cd utils && python wheel_feeder.py \
--wheel-url <https://your_api_gateway.amazonaws.com> \
--wheel-id <TARGET_WHEEL_ID> \
--csv-file-path <PATH_TO_CSV_FILE> \
--cognito-user-pool-id <COGNITO_USER_POOL_ID> \
--cognito-client-id <COGNITO_CLIENT_ID># List all V2 stacks
aws cloudformation list-stacks --query 'StackSummaries[?contains(StackName, `aws-ops-wheel-v2`)]'
# Delete V2 stack with cleanup
./deploy-v2.sh --delete --suffix <SUFFIX>
# Quick updates
./deploy-v2.sh --quick-update --suffix <SUFFIX>To change wheel spinning speed, modify EASE_OUT_FRAMES and LINEAR_FRAMES in ui/src/components/wheel.jsx. Lower values correspond to faster spinning.
This project is licensed under the Apache License 2.0. See LICENSE, NOTICE, and THIRD-PARTY-LICENSES for complete details.
![@dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=64&v=4){kind=small}
