Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Separate S3 bucket for public assets #1365

Open
34 tasks
r-bartlett-gsa opened this issue Jul 8, 2024 · 1 comment
Open
34 tasks

Separate S3 bucket for public assets #1365

r-bartlett-gsa opened this issue Jul 8, 2024 · 1 comment
Labels
ready for review

Comments

@r-bartlett-gsa
Copy link
Member

r-bartlett-gsa commented Jul 8, 2024
edited
Loading

User Story

As a security officer, in order to maintain appropriate levels of security for maint8ianing and processing CUI, I would like store public challenge assets and controlled/sensitive information in separate S3 buckets.

Acceptance criteria:

  • Public challenge assets are separated into a separate S3 bucket
  • All challenge information and data remains accessible publicly

Definition of Done

Doing (dev team)

  • Code complete
  • Code is organized appropriately
  • Any known trade offs are documented in the associated GH issue
  • Code is documented, modules, shared functions, etc.
  • Automated testing has been added or updated in response to changes in this PR
  • The feature is smoke tested to confirm it meets requirements
  • Database changes have been peer reviewed for index changes and performance bottlenecks
  • PR that changes or adds UI
    • include a screenshot of the WAVE report for the altered pages
    • Confirm changes were validated for mobile responsiveness
  • PR approved / Peer reviewed
  • Move card to testing column in the board

Testing (dev team)

  • Security scans passed
  • Automate accessibility tests passed
  • Build process and deployment is automated and repeatable
  • Feature toggles if appropriate
  • Deploy to staging

Staging

  • Accessibility tested (Marni)
    • Keyboard navigation
    • Focus confirmed
    • Color contrast compliance
    • Screen reader testing
  • Usability testing: mobile and desktop (Tracy or Marni)
  • Cross browser testing (tool to be determined) (Tracy or Marni)
    • UI rendering is performant
  • AC review (Renata)
  • Deploy to production (production-like environment for eval capability) (dev team)
  • Move to production column in the board

Production

  • User and security documentation has been reviewed for necessary updates (Renata and Michelle)
  • PO / PM approved (Jarah or Renata)
  • AC is met and it works as expected (Jarah or Renata)
  • Move to done column in the board (Jarah or Renata)
@r-bartlett-gsa r-bartlett-gsa changed the title S3 bucket for public assets Separate S3 bucket for public assets Jul 10, 2024
@r-bartlett-gsa
Copy link
Member Author

Additional information: https://docs.google.com/document/d/1T3xsithi-FjW5nuG7u6n9obH-tqwMnXhoNuSYHPaZIg/edit?usp=sharing

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
ready for review
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@r-bartlett-gsa