Comment: added scenarios and which actions applied to them

Contingency-Related Actions:

The following is a list of actions that can be taken to respond to various scenarios. After this section, we describe the scenarios and which of these actions apply to them.


how to re-run CI/CD for EDSC (rebuild/redeploy)

...

  • If a GitHub repository is hacked or deleted, we can restore it from the corresponding Bitbucket repository, which mirrors the master branch

Scenarios:

  • AWS Access Key is compromised. A compromised AWS Access Key could give hackers access to some AWS resources. Here are the remediation steps:
    • revoke the access key and create a new one
    • replace the environment variables (Bamboo variables) referencing the access key with the new one
    • re-run CI/CD for EDSC (rebuild/redeploy)
  • Malicious NPM Package. If there is a truly dangerous version of an NPM package that we list in our dependencies, we can take the following steps to remediate:
    • how to pin or update dependency versions
    • back-port vulnerability fixes
  • GitHub Hacked. If our GitHub repository is hacked, we can take the following steps:
    • Notify security
    • Once we have our access restored, we can restore our source code to a prior version that is mirrored in our Bitbucket repository
  • Database Corrupted:
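
For the Malicious NPM Package scenario above, one way to check whether a flagged version is installed and to pin a replacement, as an added example rather than the team's own tooling. It assumes a package-lock.json in lockfile v2/v3 format and uses npm's `overrides` field; the package names, versions and function names are constructed for illustration.

```javascript
// Added example: find a flagged package version in an npm lockfile and
// pin a chosen version in package.json. All sample data is constructed.

// Lockfile v2/v3 keys look like "node_modules/a/node_modules/b"; the
// installed package's name follows the last "node_modules/" segment.
function nameFromLockPath(path) {
  const marker = "node_modules/";
  const i = path.lastIndexOf(marker);
  return i === -1 ? null : path.slice(i + marker.length);
}

// Return every install location of name@badVersion, direct or transitive.
function findFlagged(lock, name, badVersion) {
  const hits = [];
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    if (nameFromLockPath(path) === name && meta.version === badVersion) hits.push(path);
  }
  return hits.sort();
}

// Return a copy of package.json with the package pinned: a direct dependency
// gets an exact version (no ^ or ~ range) and "overrides" forces the same
// version on transitive copies. npm requires the two specs to match exactly.
function pinPackage(pkg, name, pinnedVersion) {
  const out = JSON.parse(JSON.stringify(pkg));
  for (const field of ["dependencies", "devDependencies"]) {
    if (out[field] && name in out[field]) out[field][name] = pinnedVersion;
  }
  out.overrides = { ...(out.overrides || {}), [name]: pinnedVersion };
  return out;
}

// Constructed sample input (hypothetical packages and versions).
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    "": { name: "sample-app", version: "1.0.0" },
    "node_modules/example-lib": { version: "2.1.0" },
    "node_modules/example-bad-pkg": { version: "1.4.3" },
    "node_modules/example-lib/node_modules/example-bad-pkg": { version: "1.4.3" },
    "node_modules/example-tool/node_modules/example-bad-pkg": { version: "1.4.2" },
  },
};
const samplePkg = {
  name: "sample-app",
  dependencies: { "example-bad-pkg": "^1.4.0", "example-lib": "^2.1.0" },
};
```

After writing the pinned package.json, regenerate the lockfile with `npm install` and re-run `findFlagged` against it before rebuilding and redeploying.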


contact tree (aka phone tree):

  • Alicia is the main POC
  • Heather is backup to Alicia

...