Page History
...
- Bitbucket mirrors GitHub repository (both use git so we can restore with the main trunk history)
how to restore github:
- If a Github repository is hacked / deleted, we can restore it from the corresponding Bitbucket repository, which Github is being backed up and there is a process to request a restoration (Bitbucket repository mirrors the master branch)
Scenarios:
- AWS Access Key is compromised. If an AWS Access Key is compromised, it could give hackers access to some AWS resources. Here are remediation steps:
- revoke access key and create a new one
- replace environmental variables (Bamboo variables) referencing the access key with the new one
- re-run CI/CD for EDSC (rebuild/redeploy)
- Malicious NPM Package. If there is a truly dangerous version of an NPM that we list in our dependencies, we can take the following steps to remediate:
- how to pin or update dependency versions
- back-port vulnerability fixes
- Github Hacked. If our Github repository is hacked, we can take the following steps:
- Notify security
- Once we have our access restored, we can restore our source code to a prior version that is mirrored in our Bitbucket repository
- Database Corrupted:
- If our database is corrupted somehow either though malicious actions or accidentally, we can restore it from a backup using the instructions cited here:
- https://wiki.earthdata.nasa.gov/display/EDSC/EDSC+Database+Backup+and+Restore+in+NGAP
...
contact tree (aka phone tree):
- Alicia is Aleman is the main POC
- Heather is Matthew Crouch is backup to Alicia
Overview
Content Tools