Pre-prod security checks for AG #15

andrewpatto · 2023-08-07T02:21:02Z

We have tentative approval from the MCRI CAB to deploy to AWS wrapping AG data.

Review of all API entry points by @andrewpatto

Go through all the code and trace API entrypoint to service - and make sure it has permission checks

AWS policy checks by @williamputraintan

Review all the policies deployed to AWS written by marco and patto

Docker/container/build process/supply chain security review @brainstorm

Review the build/container setup of the elsa-data image itself and review for security improvements

Q/A with @brainstorm

Get Roman to ask security questions and us answer them to his satisfaction (try to get some fresh thinking on anything we might have missed/not thought about)

andrewpatto · 2023-08-10T01:13:03Z

@mmalenic
@DoxasticFox
This is an issue for us to put in any review suggestions to make us happy before we (full) deploy to prod and enable actual sharing of data (I can defer the S3 permissions in a way that we will be able to deploy to prod before actually switching on "sharing")

andrewpatto added this to Elsa Data Aug 7, 2023

andrewpatto moved this to 📋 Backlog in Elsa Data Aug 10, 2023

andrewpatto assigned brainstorm, andrewpatto, DoxasticFox, mmalenic and williamputraintan Aug 10, 2023

andrewpatto moved this from 📋 Backlog to 🏗 In progress in Elsa Data Aug 10, 2023

andrewpatto added this to Elsa Data Sep 10, 2023

andrewpatto moved this to 🏗 In progress in Elsa Data Sep 10, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Pre-prod security checks for AG #15

Pre-prod security checks for AG #15

andrewpatto commented Aug 7, 2023 •

edited

Loading

andrewpatto commented Aug 10, 2023

Pre-prod security checks for AG #15

Pre-prod security checks for AG #15

Comments

andrewpatto commented Aug 7, 2023 • edited Loading

andrewpatto commented Aug 10, 2023

andrewpatto commented Aug 7, 2023 •

edited

Loading