OnboardingChecklist.md

Onboarding Checklist

Instructions

When someone new joins the cloud.gov team:

1. Get a Jira account for NewPerson. Buddy can help, or you can go to the Program Manager.
2. Create a new issue in Jira in the cloud.gov (CG) project assigned to the Product Management team called "Ramp up [NewPerson] on cloud.gov team".
3. View the raw source of this file.
4. Copy everything below the line into the new issue's body.
5. Replace "NewPerson" with the new person's name.
6. Replace "Buddy" with the onboarding buddy's name.
7. Delete any checklists irrelevant for the new person's skill domain (theme).
8. Submit the issue.
9. Assign the issue to the person who bravely volunteered to be the new person's Onboarding Buddy.
10. Put the issue into the In Progress column in Jira on the cloud.gov Program Management Board.

---

In order to get NewPerson productively contributing to the cloud.gov team, Buddy should help NewPerson complete a prescribed set of tasks that will bring them up to speed.

Directions

NewPerson and Buddy: Try to go through your checklists in order.

Buddy: If you can’t complete any of the items on your checklist personally, you are responsible for ensuring that someone with the correct access completes that item.

New Person checklist

Getting to know cloud.gov

• Take judicious notes on what about this onboarding process or cloud.gov is confusing or frustrating. If you notice a problem (especially with things like documentation), you are more than welcome to fix it! At the very least, please share this information with your buddy (or someone) at some point so we can make the team/platform better. (You can also file issues and pull requests on the template for Onboarding issues
• Figure out who your onboarding buddy is (they should reach out to you) and make sure this issue is assigned to them.
• Read the team onboarding document for more context about cloud.gov.
• Bookmark the pertinent links listed here.
• Read the "What is it?" presentation for a rundown of what cloud.gov is and does (specifically read slides 1-37; the rest are somewhat outdated)
• Read through the Overview section of cloud.gov for a broader understanding of cloud.gov, especially as we present it to potential customers/users.
• Read the January 2016 cloud.gov "Executive Business Case" document for greater context about cloud.gov's potential impact in government.
• Deploy a sample application to cloud.gov to get familiar with the basics of the PaaS from a user's perspective.
• We also use JIRA for macro-level cadence and roadmapping.
• Read the Delivery Process document to learn about how we work.
• Read our service disruption guide to learn how we handle customer-facing service disruptions.
• Join the cloud.gov team Google Group so you can participate in team-wide internal communication.
• Join the cloud.gov inquiries Google Group so you can keep apprised of prospective new clients.
• Bookmark the cloud.gov Google Drive folder -- that's where we put cloud.gov docs. If you create or move a doc there, it'll get the right access permissions for 18F team members to be able to view and edit it.
• Consider joining Cloud Foundry's Slack channels (we sometimes talk to folks in #gov and #gov-private –- you'll need a cloud.gov team member to invite you to the latter).
• If you haven't already, request a license for Microsoft Office -- this is helpful for working with compliance documentation.
• Once you've finished the checklists below, make suggestions for steps that would have improved your onboarding experience as pull requests on the onboarding checklist template used to make this issue.

Required items for all team members

These items help us fulfill security and compliance requirements (including for FedRAMP). If you get stuck, or if these requirements are confusing, ask for help from your buddy or in a cloud.gov channel.

Pre-requisites:

• Complete GSA OLU IT Security Awareness Training, including accepting the GSA IT Rules of Behavior, which is required before we can give you access to any cloud.gov systems. If you joined GSA more than two months ago, you've already completed this task and can just check the box.

Ensure you know what's happening on the team:

• Subscribe to the cloud.gov team calendar (click the + in the bottom right) so you know when assorted team meetings are happening in the various squads. Tip: When you plan Out of Office time, make a calendar event for that on the cloud.gov calendar so that your teammates know you'll be away.
• Subscribe (through the GitHub watch function) to the cg-site GitHub repository notifications.
• Ask Program Manager or Director for access to the cg-supportstream Slack channel.

Learn our policies and procedures:

• Coordinate with your onboarding buddy to go through Incident Response Training within 60 days of joining the team (and annually after that). This will cover the following document, which you should also review before or after training:
• Read the Incident Response Guide.
• Coordinate with your onboarding buddy to go through nonpublic information training within 60 days of joining the team (and annually after that). This will cover the following documents, which you should also review before or after training:
• Review the 18F open source policy guidance about protecting sensitive information.
  • Read our sharing secret keys policy.
  • Review the 18F requirements for password management.
• If you're Cloud Ops or Business Unit: Coordinate with your onboarding buddy to go through Contingency Planning training within 10 days (and annually after that). This will cover the following document, which you should also review before or after training:
• Read the Contingency Plan.

Read the following documents as well, which explain our practices in a formal written way. Reach out to your buddy or the team if anything is unexpected or confusing.

• Read the Continuous Monitoring Strategy, particularly the cloud.gov team responsibilities.
• Read the Configuration Management Plan.
• Read the 18F Security Policies and Procedures. These documents explain the high-level policies and procedures we must comply with while running cloud.gov, sorted into security control "families" They explain that we follow GSA IT security policy, and they provide a summary of the procedures in our System Security Plan.

Theme-specific items

For explanations of our theme names, see this glossary.

Platform-specific items

• Review the System Security Plan (the latest version lives on Google Drive; look for "cloud.gov System Security Plan (SSP)" as a {{.docx}} file). Of particular note for onboarding:
  • Section 9: System Description
  • Section 10: System Environment
• Bookmark the Platform kanban board view.
• Join the {{#cg-platform}} channel on Slack.
• Learn about Cloud Foundry
  • Watch Build Your Own Private Cloud Foundry to learn about running Cloud Foundry.
  • Set up Cloud Foundry locally and push an app to it.
  • Join the Cloud Foundry Slack in case you need to ask questions of upstream developers.
• Learn about BOSH:
  • watch this video
  • Complete this tutorial for BOSH
  • For a bit of levity, read this
• Get to know how UAA is deployed/integrated.
• Get familiar with Terraform
  • Go through the getting started guide.
  • Examine our provisioning procedures
• Learn about Concourse
  • Try a tutorial.
  • Check out our staging and production Concourse instances, and take a look at some of our pipelines.
  • Join the Concourse Slack in case you need to ask questions of upstream developers.
• Learn about Kubernetes
  • Watch The illustrated Children's Guide to Kubernetes
  • Go through the official tutorial
  • Read the cloud.gov guide for troubleshooting k8s
• Join the cloud.gov operations notifications Google Group, so you can see alert information if PagerDuty is unavailable
• Get familiar with our AWS setup
  • Read about AWS onboarding
  • Read about the AWS CLI
• Review the daily maintenance tasks for when you're on support duty

Customer-specific items

• Join the {{#cg-customer}} channel on Slack.
• Ping @standup-bot for instructions on cg-customer standup.
• Review the Customer board.
• Bookmark link to design folder.
• Review the primary cloud.gov sites: the dashboard, main landing page, and documentation.
• Request access to 18F Google Analytics, so you can view cloud.gov site analytics (including for the dashboard). Also request access to Google Tag Manager which we mostly use to manage event tracking in Google Analytics.
• Ask for an invite to a DigitalGov Search account for cg-site, so you can configure it and view analytics.

If developing

• Review the dashboard contributing guide and {{cg-style}} standards which help frame what we're looking for in code review.
• Set up the landing/docs page, dashboard, and {{cg-style}} locally.
• Set up {{cg-style}} to be linked to the other sites locally.
• Have a cloud.gov person send the {{cg-dashboard}} testing environment variables through Fugacious.

For review

• Review the design principles wiki which explains the thinking behind the product and where that thinking comes from.
• Review the design resource request document if you haven’t already to get a sense of your role on the project.
• Review the design principles doc to get a sense of how the cloud.gov team feels about the product.
• Review the {{cg-style}} styleguide to get a sense of the global cloud.gov visual style.
• Review the US Web Design Standards as {{cg-style}} was built from it.
• Review the dashboard: current prod, staging, and demo.

Business unit-specific items

• Bookmark the BizOps board.
• Join #products-platforms and all of the #cloud-gov-[everything] channels (it's ok to mute or leave some later).
• Ask Program Manager or Director for access (and ownership if appropriate) to the cloud-gov-inquiries, cloud-gov-support, cloud-gov-notifications, and cloud-gov-emergency groups.
• Read how the cloud-gov-emergency group works, and set up push notifications for these emails from your work smartphone if appropriate for your role.
• Ask #admins-salesforce for access to Salesforce.
• In Salesforce, bookmark the cloud.gov opportunities report.
• [If not also Cloud Ops] Ask Program Manager or Director for view-only access to admin UI.
• Ask #acquisition for the Acquisition NDA so you can sign it (if you haven't already).
• [If not also Cloud Ops] If appropriate for your role, ask for access to billing info in commercial AWS account from Program Manager or Director.

New Director (System Owner) items

• Ask #tock to list you as the project contact for cloud.gov lines.
• Ask previous Director to give you Owner access to Nessus Manager.
• Ask previous Director to give you Owner access in Zendesk.
• Ask previous Director to give you AWS account ownership for GovCloud.
• Ask Program Manager or previous Director to give you cloud.gov calendar ownership.
• Ask Program Manager or previous Director to give you owner permission on the Google Groups.
• Ask Cloud Ops for read-write access to Admin UI.
• Review the GSA Information Technology (IT) Security Policy to understand our responsibilities as part of GSA.
• Review the cloud.gov System Security Plan version 1.33.

Non team-specific items

Note: These are items that do not fall into the boundary of work for a specific team. However, please consult your onboarding buddy to verify that your work relates to these items prior doing these two checklists.

Compliance-specific items

• Join the {{#cg-compliance}} channel on Slack.
• Watch Handling FISMA Faster and Better for important context and background on the federal regulatory context in which cloud.gov operates.
• Do a cursory read of Before You Ship.

Services-specific items

• Join the {{#cg-services}} channel on Slack.
• Read about Cloud Foundry services from a user perspective.
• Read about implementing services.
• Take a look at our existing brokers.
• Learn about Concourse
  • Try a [tutorial|https://github.com/starkandwayne/concourse-tutorial].
  • Check out our staging and production Concourse instances, and take a look at some of our pipelines.
• Join the Cloud Foundry Slack.

Buddy checklist

• Introduce yourself to the new team member and give them some of your background so they know who you are.
• Identify a straightforward, well-groomed story in progress that involves their skills domain, schedule a meeting with the owner for an introduction (if it's not you), and setup pairing sessions several times in the first week on the project.
• Identify a straightforward, well-groomed first story, ideally something they could conceivably complete in their first two/three weeks using their existing skills. Discuss the context with them, then make them the assignee for the card.
• Discuss suggestions for how the onboarding experience could have been improved and open as PRs on the onboarding template.
• Ask the Program Manager or Director to add the person to Zendesk, so they can see how we handle non-18F support and read technical discussions happening with outside groups.
• Invite them to the private Slack channel cg-supportstream, used for backchanneling on support interactions.

Required items for all team members

These items help us fulfill security and compliance requirements (including for FedRAMP).

• Make sure they're in the list of people working on the project.
• Add their name, whether they're Cloud Ops (Platform), and the date they joined the team to the training tracker. Copy the formulas for the due dates from an existing row (grab the "corner" of the cells and pull down).
• As they complete training, fill out their completion dates in the training tracker.
• Add them to the @cloud-gov-team in Slack’s Team Directory.
• Add them to the recurring cloud.gov meetings that are relevant for them in the team calendar.
• Ask one of our cloud-gov team Github Maintainers (Bret or Shashank) to add them to the @18F/cloud.gov team on GitHub.

Platform-specific required items

• Help them review and understand the responsibilities of becoming a Cloud Operations team member, as listed in our SSP.
• Ask the Program Manager (Bret) or System Owner (Shashank) to have them added to the @18F/cloud-gov-ops team on GitHub. (For contractors: Confirm they have cleared GSA security review before doing this one!)
• If the new person is a contractor, ask the Program Manager (Bret) or System Owner (Shashank) to have them added to the @18F/cloud-gov-contractors team on GitHub.
• Add them to @cg-operators in Slack’s User Groups.
• Grant them access to the following:
  • AWS Accounts via the AWS web console (not Terraform) and provide one-time credentials.
  • AWS GovCloud
  • AWS East tied to GovCloud
  • AWS Admin Access
  • Note: AWS user names should be identical across accounts so that permissions can be correctly managed by terraform
  • Nessus Manager GUI
  • New Relic
  • PagerDuty
  • StatusPage
• Make them an admin of the platform.
• Add them to the {{cloud-gov-operators}} organization in cloud.gov.
• Take them through AWS onboarding.
• Ask #infrastructure to add them to the cloudgov subteam in Docker Hub.
• Give them a walkthrough of cloud.gov from an architecture and repository perspective, focusing on SSP diagrams, external git repository and bosh.io dependencies, and our continuous delivery process with Concourse.