Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cloud development policy #298

Open
wants to merge 30 commits into
base: main
Choose a base branch
from
Open

Cloud development policy #298

wants to merge 30 commits into from

Conversation

penwith
Copy link

@penwith penwith commented Nov 21, 2024

Not intended as a 'complete' policy - missing areas may already be planned, but all suggestions welcome

penwith and others added 30 commits December 19, 2023 09:14
@penwith
added empty document
38b5e4c
@penwith
first pass at areas of concern
a95a66d
@penwith
wip
23947fc
@penwith
merge from main
49965f1
@BenMorgan-23
WIP - Document Logging and Monitoring (#275)
d044b21
@penwith
Disaster recovery (#277)
ca923cb
@penwith
removed duplicate folder (#278)
4d442b3
@martyn-fewtrell
First draft for purpose (#269)
3f54ea5
@martyn-fewtrell
Initial draft of Scope of this Policy (#270)
4524c03
@martyn-fewtrell
Initial Draft of Revision History (#272)
c36b494
@martyn-fewtrell
First draft for Cloud First Approach (#271)
e43870d
@martyn-fewtrell
Initial draft of Acceptable Use Policy (#273)
42c8670
@penwith
assignments
8b515df
@BenMorgan-23
fix: tidy up duplication (#284)
4b448bf
@BenMorgan-23
feat: Update documentation on logging and monitoring policy url (#279)
2d36cd3
@penwith
notes from latest meeting and tidy up of syntax warnings
dcdeb86
@BenMorgan-23
chore: Add ref to draft observability policy and update logging secti…
ccd4a64 
…on to reflect that elasticsearch and APM are standard for logging and observability (#287)
@penwith
Changes from group vreview
a7baa11
@penwith
Merge branch 'cloud-development-policy' of https://github.com/UKHO/docs
03878d4 
… into cloud-development-policy
@penwith
training section of cloud development policy (#288)
010cb9c 
* training section of cloud development policy

* cloud pilots license
@penwith
syntax correction
d0e11ce
@penwith
remove sections not identified as mvp (#294)
097c276
@penwith @nevillejrbrown @rockydevnet
Cloud development policy merge main (#295)
e2884ba 
* added order of preference for wiremock plus fixed capitalisation (#281)

* Create Test-Approach-TSR-Reviews.md (#285)

* Correcting the rings on the tech radar referenced by the tech governance policy (#283)

* Correcting the rings on the tech radar referenced by the tech governance policy, and some rewording for clarification.
* Include a link to the tech radar application on the tech governance page.

---------

Co-authored-by: nevillejrbrown <[email protected]>
Co-authored-by: Martin Rock-Evans <[email protected]>
@penwith
merge latest from main
165ea57
@penwith
merge latest from main
36fbc3a
@penwith
assignments
f4c05af
@CallumYoung01 @bolt-io
@skins-uk @penwith
IaC and Security Clearance Policy (#291)
069755f 
* wip

* WIP

* IaC base

* push latest DDC changes

* add SC link

* adds Tagging policy

---------

Co-authored-by: bolt-io <[email protected]>
Co-authored-by: Callum Young <[email protected]>
Co-authored-by: skins-uk <[email protected]>
Co-authored-by: James Thomas <[email protected]>
@penwith
revision history
6ab1ca4
@gyro2009
Update sec ops (#293)
2362ead 
* Initial pass of the Deployment policy

* Fix linting

* Add dependency check

* Update CloudDevelopmentPolicy.md

* Update CloudDevelopmentPolicy.md
@martyn-fewtrell @penwith
Add comprehensive policy for Azure Key Vault management (#296)
c7e38e2 
Introduced a new "Centralized Secrets Management" section under "Secrets Management" with detailed guidelines on:
- Access Control: Use Azure RBAC and Key Vault Access Policies.
- Network Security: Enable Private or Service Endpoints.
- Secret Rotation and Expiration: Automate renewal and alerting.
- Audit and Monitoring: Enable and monitor access logs.
- Secure Application Integration: Use Managed Identities, remove hardcoded secrets.
- Compliance: Align with UK government standards.
- Exceptions: Require documented approval and risk assessment.

Co-authored-by: Jim <[email protected]>
srjames-ukho
srjames-ukho reviewed Nov 29, 2024
View reviewed changes
Copy link

@srjames-ukho srjames-ukho left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some comments, I'll have to come back to this later, I am getting word blindness

software-engineering-policies/CloudDevelopment/CloudDevelopmentPolicy.md Show resolved Hide resolved
software-engineering-policies/CloudDevelopment/CloudDevelopmentPolicy.md Show resolved Hide resolved
software-engineering-policies/CloudDevelopment/CloudDevelopmentPolicy.md Show resolved Hide resolved
software-engineering-policies/CloudDevelopment/CloudDevelopmentPolicy.md Show resolved Hide resolved
software-engineering-policies/CloudDevelopment/CloudDevelopmentPolicy.md Show resolved Hide resolved
software-engineering-policies/CloudDevelopment/CloudDevelopmentPolicy.md Show resolved Hide resolved
software-engineering-policies/CloudDevelopment/CloudDevelopmentPolicy.md Show resolved Hide resolved
software-engineering-policies/CloudDevelopment/CloudDevelopmentPolicy.md Show resolved Hide resolved
software-engineering-policies/CloudDevelopment/CloudDevelopmentPolicy.md Show resolved Hide resolved
software-engineering-policies/CloudDevelopment/CloudDevelopmentPolicy.md Show resolved Hide resolved
@srjames-ukho
Copy link

Thanks Jim. I will try to do another look through before the attending the Cloud Guild.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@srjames-ukho srjames-ukho srjames-ukho left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@penwith @srjames-ukho @BenMorgan-23 @martyn-fewtrell @CallumYoung01 @gyro2009