Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Write IAM guidance and review existing setup #60

Open
8 tasks
Tracked by #24
sudhara opened this issue Aug 28, 2024 · 0 comments
Open
8 tasks
Tracked by #24

Write IAM guidance and review existing setup #60

sudhara opened this issue Aug 28, 2024 · 0 comments
Labels
complexity: medium documentation Improvements or additions to documentation feature: security role: security engineer size: 1pt Can be done in 4-6 hours
Milestone

Comments

@sudhara
Copy link
Member

sudhara commented Aug 28, 2024

Overview

We need to figure out Industry Guidance and document what should be in the IAM policies, and review what we currently, so that we can write recommendations of what to fix and create actionable HfLA best practices.

Action Items

  • Research, review and document existing IAM setup
  • Identify and document in a comment who is the authoritative source for guidance (might be multiple places), e.g., AWS, etc.
  • Write up the recommendation in the form of a Decision Record as a draft comment. Use template on (resource 1.01) and reference the source
    • Add to DevOps team agenda (resource 1.02) for review and approval
  • write recommendations on how to fix what we currently have to meet the standards that have now been approved
    • Add to DevOps team agenda (resource 1.02) for review and approval
  • Add the decision record to the wiki and link to (resource 1.01 and 1.03)
  • Create new issues from the recommendations.

Resources/Instructions

Used during issue

created by issue

2.01 Decision Record for [name of thing]

@sudhara sudhara added documentation Improvements or additions to documentation good first issue Good for newcomers draft feature: security size: 1pt Can be done in 4-6 hours complexity: small labels Aug 28, 2024
@github-project-automation github-project-automation bot moved this to New Issue Review in CoP: DevOps: Project Board Aug 28, 2024
@sudhara sudhara added this to the security milestone Aug 28, 2024
@sudhara sudhara changed the title Research, review and document preexisting IAM conditions and report bad policy or procedure Research, review and document preexisting IAM conditions and report bad policy or procedure Decision Record Aug 28, 2024
@sudhara sudhara changed the title Research, review and document preexisting IAM conditions and report bad policy or procedure Decision Record Research, review and document existing IAM setup and report bad policy or procedure Decision Record Aug 28, 2024
@ExperimentsInHonesty ExperimentsInHonesty changed the title Research, review and document existing IAM setup and report bad policy or procedure Decision Record Write IAM guidance and review existing setup Oct 1, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
complexity: medium documentation Improvements or additions to documentation feature: security role: security engineer size: 1pt Can be done in 4-6 hours
Projects
Status: Prioritized Backlog
Development

No branches or pull requests

3 participants