Dl/Product Release Checklist: Difference between revisions
From stonehomewiki
Stonezhong (talk | contribs) No edit summary |
Stonezhong (talk | contribs) (→Alarms) |
| Line 26: | Line 26: | ||
* You should define alarms based on your telemetrics | * You should define alarms based on your telemetrics | ||
* The alarm should be able to notify your devop, for example, via pagerduty | * The alarm should be able to notify your devop, for example, via pagerduty | ||
</div> | |||
</div> | |||
<p></p> | |||
= Security = | |||
<div class="toccolours mw-collapsible mw-collapsed expandable"> | |||
<div class="mw-collapsible-preview"></div> | |||
<div class="mw-collapsible-content"> | |||
* Security vulnerability assessment | |||
** Make sure your product does not have security vulnerabilities | |||
* Access Control | |||
** prevent unauthorized access to protected information | |||
*** access could be "read", "write", "delete", "list", etc. | |||
* Access Audit | |||
** Make sure access to the product is tracked, tracked information should include: | |||
*** Who is accessing? | |||
*** What kind of access? (read/write/delete/list/etc...) | |||
*** When the access happened | |||
*** What has been accessed? | |||
** access audit log should be organized in such way that is easy to search | |||
** access audit log should be retained in reasonable time, also the retained duration should comply to government regulations. | |||
* SSO Authentication | |||
** Your Web UI should use SSO to authenticate user. An anti pattern is to have your product maintain it's own username/password, (e.g. current Airflow for Tier-1 and Tier-2) | |||
*** Having 4~5 products with each maintain their own username and password is a nightmare! | |||
</div> | </div> | ||
</div> | </div> | ||
<p></p> | <p></p> | ||
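Review bot: The "Security vulnerability assessment" item in the Security block ("Make sure your product does not have security vulnerabilities") cannot be checked off as written; say what evidence a release owner has to show, the way the Access Audit item spells out its four tracked fields. Under Access Audit, the tracked fields cover who, what kind of access, when and what was accessed, but not whether the request was allowed or denied; since the Access Control item is about preventing unauthorized access, consider adding the outcome as a fifth field so denied attempts are searchable too. "retained in reasonable time" leaves the duration open; name who decides it or point to the regulation that applies. Wording in the same block: "it's own" should be "its own", "comply to" should be "comply with", and "in such way" should be "in such a way".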